[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

OpenSSL::PKey::RSA accepts empty constructor (BUG?

leon breedt

1/22/2005 5:10:00 AM

It doesn't seem like you can do much with an empty RSA object (no #new
parameters), so I'm not sure why its exposed to Ruby? It does not seem
possible to set public/private key values after the fact on an RSA
instance.

Also, it allows for possible coredumps:

irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> rsa = OpenSSL::PKey::RSA.new
=> -----BEGIN RSA PUBLIC KEY-----
MAA=
-----END RSA PUBLIC KEY-----

irb(main):004:0> rsa.public_encrypt "data"
(irb):4: [BUG] Segmentation fault
ruby 1.8.2 (2004-12-23) [i386-linux]

Leon
3 Answers

Jamis Buck

1/22/2005 2:24:00 PM

0

On 14:10 Sat 22 Jan , leon breedt wrote:
> It doesn't seem like you can do much with an empty RSA object (no #new
> parameters), so I'm not sure why its exposed to Ruby? It does not seem
> possible to set public/private key values after the fact on an RSA
> instance.

Actually, Net::SSH needs this. It allows you to explicitly set the
key's parameters:

rsa = OpenSSL::PKey::RSA.new
rsa.e = 1234123432
rsa.n = 3453234398

DSA and DH keys also allow the empty constructor.

>
> Also, it allows for possible coredumps:
>
> irb(main):001:0> require 'openssl'
> => true
> irb(main):002:0> rsa = OpenSSL::PKey::RSA.new
> => -----BEGIN RSA PUBLIC KEY-----
> MAA=
> -----END RSA PUBLIC KEY-----
>
> irb(main):004:0> rsa.public_encrypt "data"
> (irb):4: [BUG] Segmentation fault
> ruby 1.8.2 (2004-12-23) [i386-linux]

And yah, that's a bug. :) The methods should check to see that the
key's parameters are non-null before trying to do anything with them.

- Jamis

--
Jamis Buck
jamis_buck@byu.edu
http://jamis.jam...
------------------------------
"I am Victor of Borge. You will be assimil-nine-ed."

leon breedt

1/23/2005 5:03:00 AM

0

On Sat, 22 Jan 2005 23:23:38 +0900, Jamis Buck <jamis_buck@byu.edu> wrote:
> Actually, Net::SSH needs this. It allows you to explicitly set the
> key's parameters:
>
> rsa = OpenSSL::PKey::RSA.new
> rsa.e = 1234123432
> rsa.n = 3453234398
>
> DSA and DH keys also allow the empty constructor.
I noticed :)

From reading the archives, it appears you've done a fair amount of
work in terms of finding out what the OpenSSL bindings do.

I'm busy slowly adding RDoc to the OpenSSL bindings, mind if I ask you
to proofread when I have something more substantial to show?

I have very little in the way of experience with OpenSSL, but having
needed to use it recently in Ruby, I wasted a lot of time trying to
figure out what to do, so I'm hoping documenting the Ruby bindings
will alleviate this for the next person who comes along to do it.

Its currently not too clear how to add documentation for in-tree stuff
though, so I've just started adding stuff to ext/ossl/*.c, but I'm
wary that a massive patch adding the docs won't get accepted.

Any ideas?

Cheers :)
Leon

Jamis Buck

1/23/2005 5:41:00 AM

0

On 14:03 Sun 23 Jan , leon breedt wrote:
> On Sat, 22 Jan 2005 23:23:38 +0900, Jamis Buck <jamis_buck@byu.edu> wrote:
> > Actually, Net::SSH needs this. It allows you to explicitly set the
> > key's parameters:
> >
> > rsa = OpenSSL::PKey::RSA.new
> > rsa.e = 1234123432
> > rsa.n = 3453234398
> >
> > DSA and DH keys also allow the empty constructor.
> I noticed :)
>
> >From reading the archives, it appears you've done a fair amount of
> work in terms of finding out what the OpenSSL bindings do.
>
> I'm busy slowly adding RDoc to the OpenSSL bindings, mind if I ask you
> to proofread when I have something more substantial to show?

Well, I figured out what I needed to make Net::SSH work, which is only
a fairly small subset of OpenSSL (mostly just the Bignum stuff, and
keys). I'd be happy to read over your docs, though. Just might not be
give much feedback on most of it. :)

>
> I have very little in the way of experience with OpenSSL, but having
> needed to use it recently in Ruby, I wasted a lot of time trying to
> figure out what to do, so I'm hoping documenting the Ruby bindings
> will alleviate this for the next person who comes along to do it.

Generations to come will bless your name, Leon!

> Its currently not too clear how to add documentation for in-tree stuff
> though, so I've just started adding stuff to ext/ossl/*.c, but I'm
> wary that a massive patch adding the docs won't get accepted.
>
> Any ideas?

Good question. I'm not very familiar with the process of documenting
the modules. James Britt--I assume you'd know more about this?

- Jamis

--
Jamis Buck
jamis_buck@byu.edu
http://jamis.jam...
------------------------------
"I am Victor of Borge. You will be assimil-nine-ed."