[#76442] [Ruby trunk Feature#11741] Migrate Ruby to Git from Subversion — naruse@...
Issue #11741 has been updated by Yui NARUSE.
3 messages
2016/07/19
[#76515] [Ruby trunk Bug#12610] webrick: protect from httpoxy — nagachika00@...
Issue #12610 has been updated by Tomoyuki Chikanaga.
3 messages
2016/07/22
[ruby-core:76223] [Ruby trunk Bug#10257][Closed] Generate X.509 certificate/request/CRL with elliptic curve keys
From:
k@...
Date:
2016-07-02 02:42:10 UTC
List:
ruby-core #76223
Issue #10257 has been updated by Kazuki Yamaguchi. Status changed from Open to Closed This is fixed by r55098. (See also [Bug #6567]). The 'no shared cipher' is another issue. ext/openssl didn't support ephemeral ECDH in server mode at that time. ---------------------------------------- Bug #10257: Generate X.509 certificate/request/CRL with elliptic curve keys https://bugs.ruby-lang.org/issues/10257#change-59447 * Author: John Downey * Status: Closed * Priority: Normal * Assignee: openssl * ruby -v: ruby 2.2.0dev (2014-09-18 trunk 47624) [x86_64-darwin13] * Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN ---------------------------------------- Elliptic curve keys (`OpenSSL::PKey::EC`) cannot currently be used with the X.509 classes in Ruby OpenSSL. This is due to a few slight incompatibilities between the way RSA/DSA are implemented and the way EC is implemented. * `OpenSSL::PKey::EC` does not respond to `#private?` which is used by the `#sign` method on `OpenSSL::X509::Certificate`, `OpenSSL::X509::Request`, and `OpenSSL::X509::CRL` * The `#public_key` method on `OpenSSL::PKey::EC` returns a `OpenSSL::PKey::EC::Point` instead of a `OpenSSL::PKey::EC` object with just public key fields This patch adds an alias for `#public?` and `#private?` to `OpenSSL::PKey::EC` that correspond to `#public_key?` and `#private_key?`. This brings it in line with the same interface on `OpenSSL::PKey::RSA` and `OpenSSL::PKey::DSA`. This also allows the key to be used with the X.509 classes I mentioned. The second issue is unfortunately more complex as it does not look like it is possible to fix without either breaking backwards compatibility or putting some branching deeper in `OpenSSL::X509::Certificate`, `OpenSSL::X509::Request`, and `OpenSSL::X509::CRL`. The good news is you can pass the private `OpenSSL::PKey::EC` key to `#public_key=` and it still does the right thing. ---Files-------------------------------- ec_x509.patch (8.06 KB) -- https://bugs.ruby-lang.org/ Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>