pkey/dh: avoid DH#set_key in DH#compute_key

DH#set_key will not work on OpenSSL 3.0 because keys are immutable. For now, let's reimplement DH#compute_key by manually constructing a DER-encoded SubjectPublicKeyInfo structure and feeding it to OpenSSL::PKey.read. Eventually we should implement a new method around EVP_PKEY_fromdata() and use it instead.
ruby · Dec 16, 2021 · d54c751 · d54c751
1 parent c122961
commit d54c751
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb
@@ -47,9 +47,19 @@ def public_key
  # * _pub_bn_ is a OpenSSL::BN, *not* the DH instance returned by
  # DH#public_key as that contains the DH parameters only.
  def compute_key(pub_bn)
- peer = dup
- peer.set_key(pub_bn, nil)
- derive(peer)
+ # FIXME: This is constructing an X.509 SubjectPublicKeyInfo and is very
+ # inefficient
+ obj = OpenSSL::ASN1.Sequence([
+ OpenSSL::ASN1.Sequence([
+ OpenSSL::ASN1.ObjectId("dhKeyAgreement"),
+ OpenSSL::ASN1.Sequence([
+ OpenSSL::ASN1.Integer(p),
+ OpenSSL::ASN1.Integer(g),
+ ]),
+ ]),
+ OpenSSL::ASN1.BitString(OpenSSL::ASN1.Integer(pub_bn).to_der),
+ ])
+ derive(OpenSSL::PKey.read(obj.to_der))
  end
 
  # :call-seq: