Skip to content

Commit 6a48f7c

Browse files
authored
Merge pull request #774 from rhenium/ky/pkey-get-params-nil
pkey: change PKey::{RSA,DSA,DH}#params to use nil for missing parameters
2 parents 6f1695d + f247ec3 commit 6a48f7c

File tree

7 files changed

+96
-100
lines changed

7 files changed

+96
-100
lines changed

ext/openssl/ossl_pkey_dh.c

Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -284,35 +284,6 @@ ossl_dh_to_der(VALUE self)
284284
return str;
285285
}
286286

287-
/*
288-
* call-seq:
289-
* dh.params -> hash
290-
*
291-
* Stores all parameters of key to the hash
292-
* INSECURE: PRIVATE INFORMATIONS CAN LEAK OUT!!!
293-
* Don't use :-)) (I's up to you)
294-
*/
295-
static VALUE
296-
ossl_dh_get_params(VALUE self)
297-
{
298-
OSSL_3_const DH *dh;
299-
VALUE hash;
300-
const BIGNUM *p, *q, *g, *pub_key, *priv_key;
301-
302-
GetDH(self, dh);
303-
DH_get0_pqg(dh, &p, &q, &g);
304-
DH_get0_key(dh, &pub_key, &priv_key);
305-
306-
hash = rb_hash_new();
307-
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
308-
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
309-
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
310-
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
311-
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
312-
313-
return hash;
314-
}
315-
316287
/*
317288
* call-seq:
318289
* dh.params_ok? -> true | false
@@ -443,8 +414,6 @@ Init_ossl_dh(void)
443414
DEF_OSSL_PKEY_BN(cDH, dh, priv_key);
444415
rb_define_method(cDH, "set_pqg", ossl_dh_set_pqg, 3);
445416
rb_define_method(cDH, "set_key", ossl_dh_set_key, 2);
446-
447-
rb_define_method(cDH, "params", ossl_dh_get_params, 0);
448417
}
449418

450419
#else /* defined NO_DH */

ext/openssl/ossl_pkey_dsa.c

Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -303,35 +303,6 @@ ossl_dsa_to_der(VALUE self)
303303
}
304304

305305

306-
/*
307-
* call-seq:
308-
* dsa.params -> hash
309-
*
310-
* Stores all parameters of key to the hash
311-
* INSECURE: PRIVATE INFORMATIONS CAN LEAK OUT!!!
312-
* Don't use :-)) (I's up to you)
313-
*/
314-
static VALUE
315-
ossl_dsa_get_params(VALUE self)
316-
{
317-
OSSL_3_const DSA *dsa;
318-
VALUE hash;
319-
const BIGNUM *p, *q, *g, *pub_key, *priv_key;
320-
321-
GetDSA(self, dsa);
322-
DSA_get0_pqg(dsa, &p, &q, &g);
323-
DSA_get0_key(dsa, &pub_key, &priv_key);
324-
325-
hash = rb_hash_new();
326-
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
327-
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
328-
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
329-
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
330-
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
331-
332-
return hash;
333-
}
334-
335306
/*
336307
* Document-method: OpenSSL::PKey::DSA#set_pqg
337308
* call-seq:
@@ -396,8 +367,6 @@ Init_ossl_dsa(void)
396367
DEF_OSSL_PKEY_BN(cDSA, dsa, priv_key);
397368
rb_define_method(cDSA, "set_pqg", ossl_dsa_set_pqg, 3);
398369
rb_define_method(cDSA, "set_key", ossl_dsa_set_key, 2);
399-
400-
rb_define_method(cDSA, "params", ossl_dsa_get_params, 0);
401370
}
402371

403372
#else /* defined NO_DSA */

ext/openssl/ossl_pkey_rsa.c

Lines changed: 0 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -494,42 +494,6 @@ ossl_rsa_verify_pss(int argc, VALUE *argv, VALUE self)
494494
ossl_raise(eRSAError, NULL);
495495
}
496496

497-
/*
498-
* call-seq:
499-
* rsa.params => hash
500-
*
501-
* THIS METHOD IS INSECURE, PRIVATE INFORMATION CAN LEAK OUT!!!
502-
*
503-
* Stores all parameters of key to the hash. The hash has keys 'n', 'e', 'd',
504-
* 'p', 'q', 'dmp1', 'dmq1', 'iqmp'.
505-
*
506-
* Don't use :-)) (It's up to you)
507-
*/
508-
static VALUE
509-
ossl_rsa_get_params(VALUE self)
510-
{
511-
OSSL_3_const RSA *rsa;
512-
VALUE hash;
513-
const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
514-
515-
GetRSA(self, rsa);
516-
RSA_get0_key(rsa, &n, &e, &d);
517-
RSA_get0_factors(rsa, &p, &q);
518-
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
519-
520-
hash = rb_hash_new();
521-
rb_hash_aset(hash, rb_str_new2("n"), ossl_bn_new(n));
522-
rb_hash_aset(hash, rb_str_new2("e"), ossl_bn_new(e));
523-
rb_hash_aset(hash, rb_str_new2("d"), ossl_bn_new(d));
524-
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
525-
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
526-
rb_hash_aset(hash, rb_str_new2("dmp1"), ossl_bn_new(dmp1));
527-
rb_hash_aset(hash, rb_str_new2("dmq1"), ossl_bn_new(dmq1));
528-
rb_hash_aset(hash, rb_str_new2("iqmp"), ossl_bn_new(iqmp));
529-
530-
return hash;
531-
}
532-
533497
/*
534498
* Document-method: OpenSSL::PKey::RSA#set_key
535499
* call-seq:
@@ -617,8 +581,6 @@ Init_ossl_rsa(void)
617581
rb_define_method(cRSA, "set_factors", ossl_rsa_set_factors, 2);
618582
rb_define_method(cRSA, "set_crt_params", ossl_rsa_set_crt_params, 3);
619583

620-
rb_define_method(cRSA, "params", ossl_rsa_get_params, 0);
621-
622584
/*
623585
* TODO: Test it
624586
rb_define_method(cRSA, "blinding_on!", ossl_rsa_blinding_on, 0);

lib/openssl/pkey.rb

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,18 @@ def public_key
3434
DH.new(to_der)
3535
end
3636

37+
# :call-seq:
38+
# dh.params -> hash
39+
#
40+
# Stores all parameters of key to a Hash.
41+
#
42+
# The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
43+
def params
44+
%w{p q g pub_key priv_key}.map { |name|
45+
[name, send(name)]
46+
}.to_h
47+
end
48+
3749
# :call-seq:
3850
# dh.compute_key(pub_bn) -> string
3951
#
@@ -154,6 +166,18 @@ def public_key
154166
OpenSSL::PKey.read(public_to_der)
155167
end
156168

169+
# :call-seq:
170+
# dsa.params -> hash
171+
#
172+
# Stores all parameters of key to a Hash.
173+
#
174+
# The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
175+
def params
176+
%w{p q g pub_key priv_key}.map { |name|
177+
[name, send(name)]
178+
}.to_h
179+
end
180+
157181
class << self
158182
# :call-seq:
159183
# DSA.generate(size) -> dsa
@@ -328,6 +352,18 @@ def public_key
328352
OpenSSL::PKey.read(public_to_der)
329353
end
330354

355+
# :call-seq:
356+
# rsa.params -> hash
357+
#
358+
# Stores all parameters of key to a Hash.
359+
#
360+
# The hash has keys 'n', 'e', 'd', 'p', 'q', 'dmp1', 'dmq1', and 'iqmp'.
361+
def params
362+
%w{n e d p q dmp1 dmq1 iqmp}.map { |name|
363+
[name, send(name)]
364+
}.to_h
365+
end
366+
331367
class << self
332368
# :call-seq:
333369
# RSA.generate(size, exponent = 65537) -> RSA

test/openssl/test_pkey_dh.rb

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -130,6 +130,25 @@ def test_params_ok?
130130
assert_equal(false, dh2.params_ok?)
131131
end
132132

133+
def test_params
134+
dh = Fixtures.pkey("dh2048_ffdhe2048")
135+
assert_kind_of(OpenSSL::BN, dh.p)
136+
assert_equal(dh.p, dh.params["p"])
137+
assert_kind_of(OpenSSL::BN, dh.g)
138+
assert_equal(dh.g, dh.params["g"])
139+
assert_nil(dh.pub_key)
140+
assert_nil(dh.params["pub_key"])
141+
assert_nil(dh.priv_key)
142+
assert_nil(dh.params["priv_key"])
143+
144+
dhkey = OpenSSL::PKey.generate_key(dh)
145+
assert_equal(dh.params["p"], dhkey.params["p"])
146+
assert_kind_of(OpenSSL::BN, dhkey.pub_key)
147+
assert_equal(dhkey.pub_key, dhkey.params["pub_key"])
148+
assert_kind_of(OpenSSL::BN, dhkey.priv_key)
149+
assert_equal(dhkey.priv_key, dhkey.params["priv_key"])
150+
end
151+
133152
def test_dup
134153
# Parameters only
135154
dh1 = Fixtures.pkey("dh2048_ffdhe2048")

test/openssl/test_pkey_dsa.rb

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -230,6 +230,27 @@ def test_read_DSAPublicKey_pem
230230
assert_equal(nil, key.priv_key)
231231
end
232232

233+
def test_params
234+
key = Fixtures.pkey("dsa2048")
235+
assert_kind_of(OpenSSL::BN, key.p)
236+
assert_equal(key.p, key.params["p"])
237+
assert_kind_of(OpenSSL::BN, key.q)
238+
assert_equal(key.q, key.params["q"])
239+
assert_kind_of(OpenSSL::BN, key.g)
240+
assert_equal(key.g, key.params["g"])
241+
assert_kind_of(OpenSSL::BN, key.pub_key)
242+
assert_equal(key.pub_key, key.params["pub_key"])
243+
assert_kind_of(OpenSSL::BN, key.priv_key)
244+
assert_equal(key.priv_key, key.params["priv_key"])
245+
246+
pubkey = OpenSSL::PKey.read(key.public_to_der)
247+
assert_equal(key.params["p"], pubkey.params["p"])
248+
assert_equal(key.pub_key, pubkey.pub_key)
249+
assert_equal(key.pub_key, pubkey.params["pub_key"])
250+
assert_nil(pubkey.priv_key)
251+
assert_nil(pubkey.params["priv_key"])
252+
end
253+
233254
def test_dup
234255
key = Fixtures.pkey("dsa1024")
235256
key2 = key.dup

test/openssl/test_pkey_rsa.rb

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -579,6 +579,26 @@ def test_private_encoding_encrypted
579579
assert_same_rsa rsa, OpenSSL::PKey.read(pem, "abcdef")
580580
end
581581

582+
def test_params
583+
key = Fixtures.pkey("rsa2048")
584+
assert_equal(2048, key.n.num_bits)
585+
assert_equal(key.n, key.params["n"])
586+
assert_equal(65537, key.e)
587+
assert_equal(key.e, key.params["e"])
588+
[:d, :p, :q, :dmp1, :dmq1, :iqmp].each do |name|
589+
assert_kind_of(OpenSSL::BN, key.send(name))
590+
assert_equal(key.send(name), key.params[name.to_s])
591+
end
592+
593+
pubkey = OpenSSL::PKey.read(key.public_to_der)
594+
assert_equal(key.n, pubkey.n)
595+
assert_equal(key.e, pubkey.e)
596+
[:d, :p, :q, :dmp1, :dmq1, :iqmp].each do |name|
597+
assert_nil(pubkey.send(name))
598+
assert_nil(pubkey.params[name.to_s])
599+
end
600+
end
601+
582602
def test_dup
583603
key = Fixtures.pkey("rsa1024")
584604
key2 = key.dup

0 commit comments

Comments
 (0)