OpenSSL::PKey::RSA accepts empty constructor (BUG?)

Discussion in 'Ruby' started by leon breedt, Jan 22, 2005.

  1. leon breedt

    leon breedt Guest

    It doesn't seem like you can do much with an empty RSA object (no #new
    parameters), so I'm not sure why its exposed to Ruby? It does not seem
    possible to set public/private key values after the fact on an RSA
    instance.

    Also, it allows for possible coredumps:

    irb(main):001:0> require 'openssl'
    => true
    irb(main):002:0> rsa = OpenSSL::pKey::RSA.new
    => -----BEGIN RSA PUBLIC KEY-----
    MAA=
    -----END RSA PUBLIC KEY-----

    irb(main):004:0> rsa.public_encrypt "data"
    (irb):4: [BUG] Segmentation fault
    ruby 1.8.2 (2004-12-23) [i386-linux]

    Leon
     
    leon breedt, Jan 22, 2005
    #1
    1. Advertising

  2. leon breedt

    Jamis Buck Guest

    On 14:10 Sat 22 Jan , leon breedt wrote:
    > It doesn't seem like you can do much with an empty RSA object (no #new
    > parameters), so I'm not sure why its exposed to Ruby? It does not seem
    > possible to set public/private key values after the fact on an RSA
    > instance.


    Actually, Net::SSH needs this. It allows you to explicitly set the
    key's parameters:

    rsa = OpenSSL::pKey::RSA.new
    rsa.e = 1234123432
    rsa.n = 3453234398

    DSA and DH keys also allow the empty constructor.

    >
    > Also, it allows for possible coredumps:
    >
    > irb(main):001:0> require 'openssl'
    > => true
    > irb(main):002:0> rsa = OpenSSL::pKey::RSA.new
    > => -----BEGIN RSA PUBLIC KEY-----
    > MAA=
    > -----END RSA PUBLIC KEY-----
    >
    > irb(main):004:0> rsa.public_encrypt "data"
    > (irb):4: [BUG] Segmentation fault
    > ruby 1.8.2 (2004-12-23) [i386-linux]


    And yah, that's a bug. :) The methods should check to see that the
    key's parameters are non-null before trying to do anything with them.

    - Jamis

    --
    Jamis Buck

    http://jamis.jamisbuck.org
    ------------------------------
    "I am Victor of Borge. You will be assimil-nine-ed."
     
    Jamis Buck, Jan 22, 2005
    #2
    1. Advertising

  3. leon breedt

    leon breedt Guest

    On Sat, 22 Jan 2005 23:23:38 +0900, Jamis Buck <> wrote:
    > Actually, Net::SSH needs this. It allows you to explicitly set the
    > key's parameters:
    >
    > rsa = OpenSSL::pKey::RSA.new
    > rsa.e = 1234123432
    > rsa.n = 3453234398
    >
    > DSA and DH keys also allow the empty constructor.

    I noticed :)

    From reading the archives, it appears you've done a fair amount of
    work in terms of finding out what the OpenSSL bindings do.

    I'm busy slowly adding RDoc to the OpenSSL bindings, mind if I ask you
    to proofread when I have something more substantial to show?

    I have very little in the way of experience with OpenSSL, but having
    needed to use it recently in Ruby, I wasted a lot of time trying to
    figure out what to do, so I'm hoping documenting the Ruby bindings
    will alleviate this for the next person who comes along to do it.

    Its currently not too clear how to add documentation for in-tree stuff
    though, so I've just started adding stuff to ext/ossl/*.c, but I'm
    wary that a massive patch adding the docs won't get accepted.

    Any ideas?

    Cheers :)
    Leon
     
    leon breedt, Jan 23, 2005
    #3
  4. leon breedt

    Jamis Buck Guest

    On 14:03 Sun 23 Jan , leon breedt wrote:
    > On Sat, 22 Jan 2005 23:23:38 +0900, Jamis Buck <> wrote:
    > > Actually, Net::SSH needs this. It allows you to explicitly set the
    > > key's parameters:
    > >
    > > rsa = OpenSSL::pKey::RSA.new
    > > rsa.e = 1234123432
    > > rsa.n = 3453234398
    > >
    > > DSA and DH keys also allow the empty constructor.

    > I noticed :)
    >
    > >From reading the archives, it appears you've done a fair amount of

    > work in terms of finding out what the OpenSSL bindings do.
    >
    > I'm busy slowly adding RDoc to the OpenSSL bindings, mind if I ask you
    > to proofread when I have something more substantial to show?


    Well, I figured out what I needed to make Net::SSH work, which is only
    a fairly small subset of OpenSSL (mostly just the Bignum stuff, and
    keys). I'd be happy to read over your docs, though. Just might not be
    give much feedback on most of it. :)

    >
    > I have very little in the way of experience with OpenSSL, but having
    > needed to use it recently in Ruby, I wasted a lot of time trying to
    > figure out what to do, so I'm hoping documenting the Ruby bindings
    > will alleviate this for the next person who comes along to do it.


    Generations to come will bless your name, Leon!

    > Its currently not too clear how to add documentation for in-tree stuff
    > though, so I've just started adding stuff to ext/ossl/*.c, but I'm
    > wary that a massive patch adding the docs won't get accepted.
    >
    > Any ideas?


    Good question. I'm not very familiar with the process of documenting
    the modules. James Britt--I assume you'd know more about this?

    - Jamis

    --
    Jamis Buck

    http://jamis.jamisbuck.org
    ------------------------------
    "I am Victor of Borge. You will be assimil-nine-ed."
     
    Jamis Buck, Jan 23, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Bergstrom
    Replies:
    0
    Views:
    1,290
    John Bergstrom
    Aug 3, 2003
  2. gg
    Replies:
    0
    Views:
    2,788
  3. Matthias Güntert
    Replies:
    1
    Views:
    379
    Heikki Toivonen
    Aug 1, 2009
  4. Sam Roberts
    Replies:
    4
    Views:
    246
    Eric Hodel
    Dec 6, 2004
  5. Une Bévue
    Replies:
    4
    Views:
    229
    Une Bévue
    Jul 30, 2008
Loading...

Share This Page