author Kazuki Yamaguchi <k@rhe.jp> 2021-04-15 19:11:32 +0900
committer Kazuki Yamaguchi <k@rhe.jp> 2021-04-15 20:55:25 +0900
commit 48a6c391ef47c9a12c3d2c96a5a2db4f44295182
tree e646ab1e1e73fa23e9262784a06bb98e76901bae /lib
parent e0b4c56956ef4ef3ab47cf5d2eed55fbcc5152e8
pkey: implement {DH,DSA,RSA}#public_key in Ruby

The low-level API that is used to implement #public_key is deprecated in OpenSSL 3.0. It is actually very simple to implement in another way, using existing methods only, in much shorter code. Let's do it.

While we are at it, the documentation is updated to recommend against using #public_key. Now that OpenSSL::PKey::PKey implements public_to_der method, there is no real use case for #public_key in newly written Ruby programs.
Diffstat (limited to 'lib')
-rw-r--r-- lib/openssl/pkey.rb 55
1 files changed, 55 insertions, 0 deletions
diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb
index 53ee52f9..569559e1 100644
--- a/lib/openssl/pkey.rb
+++ b/lib/openssl/pkey.rb
@@ -11,6 +11,30 @@ module OpenSSL::PKey
include OpenSSL::Marshal
# :call-seq:
+ # dh.public_key -> dhnew
+ #
+ # Returns a new DH instance that carries just the \DH parameters.
+ #
+ # Contrary to the method name, the returned DH object contains only
+ # parameters and not the public key.
+ #
+ # This method is provided for backwards compatibility. In most cases, there
+ # is no need to call this method.
+ #
+ # For the purpose of re-generating the key pair while keeping the
+ # parameters, check OpenSSL::PKey.generate_key.
+ #
+ # Example:
+ # # OpenSSL::PKey::DH.generate by default generates a random key pair
+ # dh1 = OpenSSL::PKey::DH.generate(2048)
+ # p dh1.priv_key #=> #<OpenSSL::BN 1288347...>
+ # dhcopy = dh1.public_key
+ # p dhcopy.priv_key #=> nil
+ def public_key
+ DH.new(to_der)
+ end
+
+ # :call-seq:
# dh.compute_key(pub_bn) -> string
#
# Returns a String containing a shared secret computed from the other
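Review bot: `DH.new(to_der)` in the new DH#public_key only yields a parameters-only copy as long as DH#to_der never serializes the key pair, and nothing in the method body states that dependency. A short comment above that line saying that to_der is relied on to emit just the DH parameters would keep a later change to to_der from silently carrying priv_key into the returned object. The example could also print `dhcopy.pub_key` next to `dhcopy.priv_key`, since the doc text says the public key is absent as well but the example only demonstrates the private half.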
@@ -89,6 +113,22 @@ module OpenSSL::PKey
class DSA
include OpenSSL::Marshal
+ # :call-seq:
+ # dsa.public_key -> dsanew
+ #
+ # Returns a new DSA instance that carries just the \DSA parameters and the
+ # public key.
+ #
+ # This method is provided for backwards compatibility. In most cases, there
+ # is no need to call this method.
+ #
+ # For the purpose of serializing the public key, to PEM or DER encoding of
+ # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
+ # PKey#public_to_der.
+ def public_key
+ OpenSSL::PKey.read(public_to_der)
+ end
+
class << self
# :call-seq:
# DSA.generate(size) -> dsa
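Review bot: the call-seq for DSA#public_key promises a DSA instance, but `OpenSSL::PKey.read(public_to_der)` leaves the class of the result to whatever PKey.read detects in the encoding, whereas the DH hunk constructs through its own class with `DH.new(to_der)`. Either construct through DSA here as well, or add a test asserting that the result is a DSA carrying no private key, so that the documented return type is enforced rather than assumed.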
@@ -159,6 +199,21 @@ module OpenSSL::PKey
class RSA
include OpenSSL::Marshal
+ # :call-seq:
+ # rsa.public_key -> rsanew
+ #
+ # Returns a new RSA instance that carries just the public key components.
+ #
+ # This method is provided for backwards compatibility. In most cases, there
+ # is no need to call this method.
+ #
+ # For the purpose of serializing the public key, to PEM or DER encoding of
+ # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
+ # PKey#public_to_der.
+ def public_key
+ OpenSSL::PKey.read(public_to_der)
+ end
+
class << self
# :call-seq:
# RSA.generate(size, exponent = 65537) -> RSA
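Review bot: the RSA#public_key body and its last two doc paragraphs are a verbatim copy of the DSA ones, so any later fix has to be made in two places; a shared helper or a cross-reference between the two would avoid drift. The doc also steers readers to PKey#public_to_pem and PKey#public_to_der without an Example section like the one in the DH hunk, and a short example of the recommended call would make the advice against #public_key easier to follow.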