[ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC

ruby-core@ruby-lang.org archive (unofficial mirror)
 help / color / mirror / Atom feed

* [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
@ 2011-11-08 17:36 Steve Caligo
  2011-11-08 17:47 ` [ruby-core:40854] [ruby-trunk - Bug #5600][Assigned] " Martin Bosslet
                   ` (5 more replies)
  0 siblings, 6 replies; 7+ messages in thread
From: Steve Caligo @ 2011-11-08 17:36 UTC (permalink / raw)
  To: ruby-core


Issue #5600 has been reported by Steve Caligo.

----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
http://redmine.ruby-lang.org/issues/5600

Author: Steve Caligo
Status: Open
Priority: Normal
Assignee: 
Category: ext
Target version: 
ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]


Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.



-- 
http://redmine.ruby-lang.org

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:40854] [ruby-trunk - Bug #5600][Assigned] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
@ 2011-11-08 17:47 ` Martin Bosslet
  2012-06-10  0:29 ` [ruby-core:45540] [ruby-trunk - Bug #5600] " MartinBosslet (Martin Bosslet)
                   ` (4 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: Martin Bosslet @ 2011-11-08 17:47 UTC (permalink / raw)
  To: ruby-core


Issue #5600 has been updated by Martin Bosslet.

Status changed from Open to Assigned
Assignee set to Martin Bosslet
Target version set to 2.0.0


----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
http://redmine.ruby-lang.org/issues/5600

Author: Steve Caligo
Status: Assigned
Priority: Normal
Assignee: Martin Bosslet
Category: ext
Target version: 2.0.0
ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]


Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.



-- 
http://redmine.ruby-lang.org

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:45540] [ruby-trunk - Bug #5600] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
  2011-11-08 17:47 ` [ruby-core:40854] [ruby-trunk - Bug #5600][Assigned] " Martin Bosslet
@ 2012-06-10  0:29 ` MartinBosslet (Martin Bosslet)
  2013-02-18 12:23 ` [ruby-core:52444] [ruby-trunk - Bug #5600] OpenSSL::X509::Request can&#x27;t " mame (Yusuke Endoh)
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: MartinBosslet (Martin Bosslet) @ 2012-06-10  0:29 UTC (permalink / raw)
  To: ruby-core


Issue #5600 has been updated by MartinBosslet (Martin Bosslet).


Unfortunately it's not done by simply renaming the methods appropriately. It still would fail because OpenSSL::PKey::EC#public_key returns an OpenSSL::PKey::EC::Point instead of another OpenSSL::PKey::EC, and as a consequence, there's no reference to an EVP_PKEY that is needed internally. The whole EC interface needs an overhaul. I'll set up a parent task referencing all the issues that piled up since the release of 1.9.3. The goal would be to make EC follow the general PKey interface, allowing to use them interchangeably wherever a PKey instance is expected.
----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
https://bugs.ruby-lang.org/issues/5600#change-27135

Author: scaligo (Steve Caligo)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext
Target version: 2.0.0
ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]


Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.



-- 
http://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:52444] [ruby-trunk - Bug #5600] OpenSSL::X509::Request can&#x27;t sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
  2011-11-08 17:47 ` [ruby-core:40854] [ruby-trunk - Bug #5600][Assigned] " Martin Bosslet
  2012-06-10  0:29 ` [ruby-core:45540] [ruby-trunk - Bug #5600] " MartinBosslet (Martin Bosslet)
@ 2013-02-18 12:23 ` mame (Yusuke Endoh)
  2015-06-30  3:38 ` [ruby-core:69792] [Ruby trunk - Bug #5600] OpenSSL::X509::Request can't " adam
                   ` (2 subsequent siblings)
  5 siblings, 0 replies; 7+ messages in thread
From: mame (Yusuke Endoh) @ 2013-02-18 12:23 UTC (permalink / raw)
  To: ruby-core


Issue #5600 has been updated by mame (Yusuke Endoh).

Subject changed from OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC to OpenSSL::X509::Request can&#x27;t sign() an OpenSSL::PKey::EC
Target version changed from 2.0.0 to next minor

It is too late for "an overhaul".  Postponing to next minor.

-- 
Yusuke Endoh <mame@tsg.ne.jp>
----------------------------------------
Bug #5600: OpenSSL::X509::Request can&#x27;t sign() an OpenSSL::PKey::EC
https://bugs.ruby-lang.org/issues/5600#change-36510

Author: scaligo (Steve Caligo)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext
Target version: next minor
ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]


Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.



-- 
http://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:69792] [Ruby trunk - Bug #5600] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
                   ` (2 preceding siblings ...)
  2013-02-18 12:23 ` [ruby-core:52444] [ruby-trunk - Bug #5600] OpenSSL::X509::Request can&#x27;t " mame (Yusuke Endoh)
@ 2015-06-30  3:38 ` adam
  2015-09-13  3:19 ` [ruby-core:70768] " zzak
  2016-06-15 14:12 ` [ruby-core:76037] [Ruby trunk Bug#5600][Closed] " k
  5 siblings, 0 replies; 7+ messages in thread
From: adam @ 2015-06-30  3:38 UTC (permalink / raw)
  To: ruby-core

Issue #5600 has been updated by Adam Michael.


Any updates on this?


----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
https://bugs.ruby-lang.org/issues/5600#change-53178

* Author: Steve Caligo
* Status: Assigned
* Priority: Normal
* Assignee: Martin Bosslet
* ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
* Backport: 
----------------------------------------
Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.




-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:70768] [Ruby trunk - Bug #5600] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
                   ` (3 preceding siblings ...)
  2015-06-30  3:38 ` [ruby-core:69792] [Ruby trunk - Bug #5600] OpenSSL::X509::Request can't " adam
@ 2015-09-13  3:19 ` zzak
  2016-06-15 14:12 ` [ruby-core:76037] [Ruby trunk Bug#5600][Closed] " k
  5 siblings, 0 replies; 7+ messages in thread
From: zzak @ 2015-09-13  3:19 UTC (permalink / raw)
  To: ruby-core

Issue #5600 has been updated by Zachary Scott.

Assignee changed from Martin Bosslet to openssl

----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
https://bugs.ruby-lang.org/issues/5600#change-54147

* Author: Steve Caligo
* Status: Assigned
* Priority: Normal
* Assignee: openssl
* ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
* Backport: 
----------------------------------------
Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.




-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ruby-core:76037] [Ruby trunk Bug#5600][Closed] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
  2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
                   ` (4 preceding siblings ...)
  2015-09-13  3:19 ` [ruby-core:70768] " zzak
@ 2016-06-15 14:12 ` k
  5 siblings, 0 replies; 7+ messages in thread
From: k @ 2016-06-15 14:12 UTC (permalink / raw)
  To: ruby-core

Issue #5600 has been updated by Kazuki Yamaguchi.

Status changed from Assigned to Closed

r55098 (openssl: add OpenSSL::PKey::EC#private? and #public?, 2016-05-21) added OpenSSL::PKey::EC#private?. The code should work now.

Please see also #6567.

----------------------------------------
Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC
https://bugs.ruby-lang.org/issues/5600#change-59238

* Author: Steve Caligo
* Status: Closed
* Priority: Normal
* Assignee: openssl
* ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
* Backport: 
----------------------------------------
Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)


which produces the error:

in `sign': undefined method `private?' for #<OpenSSL::PKey::EC:0x000000021b4980> (NoMethodError)


ossl_pkey_ec.c should either:
- rb_define_method() the missing private? and public? methods
- rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.




-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2016-06-15 13:39 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-11-08 17:36 [ruby-core:40853] [ruby-trunk - Bug #5600][Open] OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC Steve Caligo
2011-11-08 17:47 ` [ruby-core:40854] [ruby-trunk - Bug #5600][Assigned] " Martin Bosslet
2012-06-10  0:29 ` [ruby-core:45540] [ruby-trunk - Bug #5600] " MartinBosslet (Martin Bosslet)
2013-02-18 12:23 ` [ruby-core:52444] [ruby-trunk - Bug #5600] OpenSSL::X509::Request can&#x27;t " mame (Yusuke Endoh)
2015-06-30  3:38 ` [ruby-core:69792] [Ruby trunk - Bug #5600] OpenSSL::X509::Request can't " adam
2015-09-13  3:19 ` [ruby-core:70768] " zzak
2016-06-15 14:12 ` [ruby-core:76037] [Ruby trunk Bug#5600][Closed] " k

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).