diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2021-12-17 02:22:25 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-12-20 23:42:01 +0900 |
| commit | 50b90c5fc3480d3193c9cf161c2a6e71cc688189 (patch) | |
| tree | 2b1fd33d7a273620955ddc20595c1e2108dbe06c | |
| parent | dc3f37c6cc64139848c074571707399a225f2efe (diff) | |
| download | ruby-50b90c5fc3480d3193c9cf161c2a6e71cc688189.tar.gz | |
[ruby/openssl] pkey/ec: avoid using EC#public_key= in EC#dh_compute_key
Similarly to DH#compute_key, work around it by constructing a
SubjectPublicKeyInfo. This should be considered as a temporary
implementation.
https://github.com/ruby/openssl/commit/fc9aabc18d
| -rw-r--r-- | ext/openssl/lib/openssl/pkey.rb | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/ext/openssl/lib/openssl/pkey.rb b/ext/openssl/lib/openssl/pkey.rb index 5864faa919..ba04cf4b39 100644 --- a/ext/openssl/lib/openssl/pkey.rb +++ b/ext/openssl/lib/openssl/pkey.rb @@ -259,9 +259,14 @@ module OpenSSL::PKey # This method is provided for backwards compatibility, and calls #derive # internally. def dh_compute_key(pubkey) - peer = OpenSSL::PKey::EC.new(group) - peer.public_key = pubkey - derive(peer) + obj = OpenSSL::ASN1.Sequence([ + OpenSSL::ASN1.Sequence([ + OpenSSL::ASN1.ObjectId("id-ecPublicKey"), + group.to_der, + ]), + OpenSSL::ASN1.BitString(pubkey.to_octet_string(:uncompressed)), + ]) + derive(OpenSSL::PKey.read(obj.to_der)) end end |