openssl. question about ec


Roman Catz

Hi all, I have a question about openssl library
Here it is.

'Security on rails' book has a sample

require 'openssl'
include OpenSSL

private_key2 ="host.key"))
cert2 ='host.crt'))

input = "Test string"
signature2 = private_key2.sign(, input)

is_verified2 = cert2.public_key.verify(,
signature2, input)
puts is_verified2

All works well until I switched to ec algorithm

localhost:eek:penssl roman$ openssl ecparam -name secp521r1 -genkey -
out ./ca/ca.key
localhost:eek:penssl roman$ openssl req -new -key ./ca/ca.key -sha512 -
out ./ca/ca.req

localhost:eek:penssl roman$ openssl ca -days 365 -policy policy_anything -
keyfile ./ca/ca.key -in ./ca/ca.req -selfsign -out ./ca/ca.crt -
outdir ./ca

All files prepared. Let's test the code

private_key1 ="./ca/ca.key"))
cert1 ='./ca/ca.crt'))
input = "Test string"
signature = private_key1.sign(, input)

output is:
undefined method `private?' for #<OpenSSL::pKey::EC:0x100378740>

actually OpenSSL::pKey::EC doesn't have method 'private?'
but OpenSSL::pKey::RSA has.

I tried to add method

def private_key1.private?

But another error exists

signature1 = private_key1.sign(, input)
OpenSSL::pKey::pKeyError: wrong public key type

Can anyone explain where is the error here?

TIA Roman


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question