author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-13 15:36:43 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-13 15:36:43 +0900 |
commit | 0b8db854a4c595826eeec11aa03ab20f242f651e (patch) | |
tree | 7ac8bafede901ff77c42f4f1b5b7d03351264e3a /ext/openssl/ossl_pkey_ec.c | |
parent | ed84536dd88340ea4a38f8e5f7e07b23bd68c00f (diff) | |
ext/openssl: implement OpenSSL::PKey::{DSA,RSA,EC}#public_pkeytopic/openssl-pkey-ec
Add OpenSSL::PKey::{DSA,RSA,EC}#public_pkey. They return a new instance
of itself, which contains only parameters and public information.
The old methods, {DSA,RSA}#public_key, are now deprecated.
There are 3 types of PKey#public_key: 1) EC#public_key, which returns
the actual public key (EC::Point). 2) RSA/DSA#public_key, which returns
a new instance of PKey with no private information. 3) DH#public_key,
which returns a new instance of DH which contains only DH params. This
doesn't even contain 'private key'. This is very confusing. The new
methods are intended to replace 2).
Diffstat (limited to 'ext/openssl/ossl_pkey_ec.c')
-rw-r--r-- | ext/openssl/ossl_pkey_ec.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index bbdd8a7a5d..80c241aca1 100644
--- a/ext/openssl/ossl_pkey_ec.c
+++ b/ext/openssl/ossl_pkey_ec.c
@@ -632,6 +632,30 @@ static VALUE ossl_ec_key_check_key(VALUE self)
 /*
 * call-seq:
+ * key.public_pkey => OpenSSL::PKey::EC
+ *
+ * Returns a new EC instance that has only public information.
+ */
+static VALUE ossl_ec_key_public_pkey(VALUE self)
+{
+ EC_KEY *ec, *ec_new;
+
+ Require_EC_KEY(self, ec);
+
+ if (!EC_KEY_get0_public_key(ec))
+ ossl_raise(eECError, "public key is not set");
+
+ ec_new = EC_KEY_dup(ec);
+ if (!ec_new)
+ ossl_raise(eECError, "EC_KEY_dup");
+
+ EC_KEY_set_private_key(ec_new, NULL);
+
+ return ec_instance(cEC, ec_new);
+}
+
+/*
+ * call-seq:
 * key.dh_compute_key(pubkey) => String
 *
 * See the OpenSSL documentation for ECDH_compute_key()
@@ -1634,6 +1658,7 @@ void Init_ossl_ec(void)
 */
 rb_define_method(cEC, "generate_key", ossl_ec_key_generate_key, 0);
 rb_define_method(cEC, "check_key", ossl_ec_key_check_key, 0);
+ rb_define_method(cEC, "public_pkey", ossl_ec_key_public_pkey, 0);
 rb_define_method(cEC, "dh_compute_key", ossl_ec_key_dh_compute_key, 1);
 rb_define_method(cEC, "dsa_sign_asn1", ossl_ec_key_dsa_sign_asn1, 1); |
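Review bot: The return value of `EC_KEY_set_private_key(ec_new, NULL)` is ignored in ossl_ec_key_public_pkey, so nothing verifies that the private scalar was actually removed from the `EC_KEY_dup` copy; how a NULL argument is handled depends on the linked OpenSSL and is not visible here, and if the call leaves the key untouched the method returns an object that still holds the private key while documenting "only public information". It is safer never to copy the secret at all: build the new key from the group and the public point only, and free `ec_new` on every failure path. This drops anything else EC_KEY_dup would carry over (for example the point conversion form), so copy such settings explicitly if callers rely on them. ec_instance is defined outside the hunk, so whether it releases `ec_new` when it raises cannot be checked from here.

```c
static VALUE ossl_ec_key_public_pkey(VALUE self)
{
    /* … unchanged: declarations, Require_EC_KEY, "public key is not set" check … */

    /* Start from an empty key so the private scalar is never duplicated. */
    ec_new = EC_KEY_new();
    if (!ec_new)
        ossl_raise(eECError, "EC_KEY_new");

    if (!EC_KEY_set_group(ec_new, EC_KEY_get0_group(ec)) ||
        !EC_KEY_set_public_key(ec_new, EC_KEY_get0_public_key(ec))) {
        EC_KEY_free(ec_new);
        ossl_raise(eECError, "EC_KEY_set_public_key");
    }

    /* … unchanged: return ec_instance(cEC, ec_new) … */
```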