Roman Catz
Hi all, I have a question about the openssl library.
Here it is.
'Security on rails' book has a sample
require 'openssl'
include OpenSSL
private_key2 = PKey::RSA.new(File.read("host.key"))
cert2 = X509::Certificate.new(File.read('host.crt'))
input = "Test string"
signature2 = private_key2.sign(OpenSSL::Digest::SHA512.new, input)
is_verified2 = cert2.public_key.verify(OpenSSL::Digest::SHA512.new, signature2, input)
puts is_verified2
All works well until I switched to the EC algorithm
Example:
localhost:openssl roman$ openssl ecparam -name secp521r1 -genkey -out ./ca/ca.key
localhost:openssl roman$ openssl req -new -key ./ca/ca.key -sha512 -out ./ca/ca.req
localhost:openssl roman$ openssl ca -days 365 -policy policy_anything -keyfile ./ca/ca.key -in ./ca/ca.req -selfsign -out ./ca/ca.crt -outdir ./ca
All files prepared. Let's test the code
private_key1 = PKey::EC.new(File.read("./ca/ca.key"))
cert1 = X509::Certificate.new(File.read('./ca/ca.crt'))
input = "Test string"
signature = private_key1.sign(OpenSSL::Digest::SHA1.new, input)
output is:
undefined method `private?' for #<OpenSSL::PKey::EC:0x100378740>
actually OpenSSL::PKey::EC doesn't have method 'private?'
but OpenSSL::PKey::RSA has.
I tried to add method
def private_key1.private?
  self.private_key?
end
But another error exists
signature1 = private_key1.sign(OpenSSL::Digest::SHA1.new, input)
outputs:
OpenSSL::PKey::PKeyError: wrong public key type
Can anyone explain where the error is here?
TIA Roman
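Added example, not part of the original post or the book's sample: the same sign-then-verify flow with an EC key, assuming a current Ruby with its bundled openssl library. The key and self-signed certificate are built in memory as constructed stand-ins for ./ca/ca.key and ./ca/ca.crt, and the helper names are hypothetical.

```ruby
require 'openssl'

DIGEST = 'SHA512'

# Constructed sample identity: an in-memory EC key plus a self-signed
# certificate, standing in for ./ca/ca.key and ./ca/ca.crt from the post.
def build_ec_identity(curve = 'secp521r1')
  key  = OpenSSL::PKey::EC.generate(curve)
  name = OpenSSL::X509::Name.parse('/CN=example-ec-signer') # hypothetical subject
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = 1
  cert.subject    = name
  cert.issuer     = name
  cert.public_key = key                 # only the public half is embedded
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new(DIGEST))
  [key, cert]
end

# High-level path: hash the message and produce a DER-encoded ECDSA signature.
def sign_message(key, message)
  key.sign(OpenSSL::Digest.new(DIGEST), message)
end

# Verify with the certificate's public key; a malformed signature counts as invalid.
def verify_message(cert, signature, message)
  cert.public_key.verify(OpenSSL::Digest.new(DIGEST), signature, message)
rescue OpenSSL::PKey::PKeyError
  false
end

# Low-level path: EC keys also verify a precomputed digest directly.
def verify_prehashed(cert, signature, message)
  hash = OpenSSL::Digest.new(DIGEST).digest(message)
  cert.public_key.dsa_verify_asn1(hash, signature)
rescue OpenSSL::PKey::PKeyError
  false
end

if __FILE__ == $PROGRAM_NAME
  key, cert = build_ec_identity
  sig = sign_message(key, 'Test string')
  puts verify_message(cert, sig, 'Test string')
  puts verify_message(cert, sig, 'Tampered string')
  puts verify_prehashed(cert, sig, 'Test string')
end
```

The verifier holds only the certificate, so the private key never has to leave the signing side.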