diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-03-21 18:23:53 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-03-16 19:16:11 +0900 |
commit | 498c8e8f17d5a06244515db163a714e87a4fce76 (patch) | |
tree | 039e7a97ff803b8e5319ec403324b17010d8024d /ext | |
parent | 1f44640677cc92c105a5b624a021cefdfe645f9a (diff) | |
download | ruby-498c8e8f17d5a06244515db163a714e87a4fce76.tar.gz |
[ruby/openssl] pkey: assume generic PKeys contain private components
The EVP interface cannot tell whether if a pkey contains the private
components or not. Assume it does if it does not respond to #private?.
This fixes the NoMethodError on calling #sign on a generic PKey.
https://github.com/ruby/openssl/commit/f4c717bcb2
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl_pkey.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index 610a83fd2d..8d41623e80 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -252,12 +252,19 @@ GetPrivPKeyPtr(VALUE obj) { EVP_PKEY *pkey; - if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) { - ossl_raise(rb_eArgError, "Private key is needed."); - } GetPKey(obj, pkey); + if (OSSL_PKEY_IS_PRIVATE(obj)) + return pkey; + /* + * The EVP API does not provide a way to check if the EVP_PKEY has private + * components. Assuming it does... + */ + if (!rb_respond_to(obj, id_private_q)) + return pkey; + if (RTEST(rb_funcallv(obj, id_private_q, 0, NULL))) + return pkey; - return pkey; + rb_raise(rb_eArgError, "private key is needed"); } EVP_PKEY * |