Better support for generic PKEYs #119
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rb_intern() with a string literal caches the result. This is unnecessary for init functions.
The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it has, if the object does not respond to 'private?'.
ossl_{rsa,dsa,dh,ec}_new() called from this function are not used
anywhere else. Inline them into pkey_new0() and reduce code
duplication.
Merge the code into the callers. They are used only once or twice. In fact, they are inconsistent and not useful - they are expected to return Qfalse on failure, but actually also raise NoMemoryError if a Ruby object allocation fails. This potentially causes memory leaks.
OpenSSL::PKey::PKey#private_to_der, #private_to_pem are added to the generic PKey class. They serialize the private key to PKCS ruby#8 {Encrypted,}PrivateKeyInfo format, in DER- and PEM- encoding, respectively. For symmetry, also add #public_to_der and #public_to_pem that serialize the public key into X.509 SubjectPublicKeyInfo format. OpenSSL::PKey.read now reads DER-encoded PKCS ruby#8 keys as well as the "raw" private keys. PEM-encoded PKCS ruby#8 keys have been already handled by PEM_read_bio_PrivateKey().
Try PEM_read_bio_Parameters() in OpenSSL::PKey.read.
Let each class' initialize method use the same code as OpenSSL::PKey.read for loading a key from String.
Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive(). This is useful for pkey types that we don't have dedicated classes, such as X25519.
Use the new OpenSSL::PKey::PKey#derive instead of the raw
{EC,}DH_compute_key(), mainly to reduce amount of the C code.
Add two methods to create a PKey using the EVP interface. This can be useful for PKey types we don't have a dedicated class.
Closed
|
Can you please rebase on master and advise whether this is still relevant? Thanks! |
This was referenced Nov 22, 2019
This was referenced Feb 16, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR includes following changes:
Will resolve #117.