ruby-changes:65489
From: Kazuki <ko1@a...>
Date: Tue, 16 Mar 2021 20:38:41 +0900 (JST)
Subject: [ruby-changes:65489] 498c8e8f17 (master): [ruby/openssl] pkey: assume generic PKeys contain private components
https://git.ruby-lang.org/ruby.git/commit/?id=498c8e8f17 From 498c8e8f17d5a06244515db163a714e87a4fce76 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Tue, 21 Mar 2017 18:23:53 +0900 Subject: [ruby/openssl] pkey: assume generic PKeys contain private components The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it does if it does not respond to #private?. This fixes the NoMethodError on calling #sign on a generic PKey. https://github.com/ruby/openssl/commit/f4c717bcb2 --- ext/openssl/ossl_pkey.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 610a83f..8d41623 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -252,12 +252,19 @@ GetPrivPKeyPtr(VALUE obj) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey.c#L252 { EVP_PKEY *pkey; - if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) { - ossl_raise(rb_eArgError, "Private key is needed."); - } GetPKey(obj, pkey); + if (OSSL_PKEY_IS_PRIVATE(obj)) + return pkey; + /* + * The EVP API does not provide a way to check if the EVP_PKEY has private + * components. Assuming it does... + */ + if (!rb_respond_to(obj, id_private_q)) + return pkey; + if (RTEST(rb_funcallv(obj, id_private_q, 0, NULL))) + return pkey; - return pkey; + rb_raise(rb_eArgError, "private key is needed"); } EVP_PKEY * -- cgit v1.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/