From: merch-redmine@... Date: 2019-07-24T22:57:29+00:00 Subject: [ruby-core:93905] [Ruby master Feature#12354] PKey::EC Can't output public key pem when private key exists Issue #12354 has been updated by jeremyevans0 (Jeremy Evans). Backport deleted (2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN) ruby -v deleted (ruby 2.2.4p230 (2015-12-16 revision 53155) [x86_64-linux]) Tracker changed from Bug to Feature The following is a way to generate a PEM for a `OpenSSL::PKey::EC` with both a private and a public key without allocating a new `OpenSSL::PKey::EC`: ``` pk = key.private_key key.private_key = nil key.to_pem key.private_key = key ``` I agree that this approach is suboptimal, and it may be worthwhile to add a method for this, or a keyword argument to `to_pem`. However, that is a request for a new feature, not a bug fix. I checked and `OpenSSL::PKey::RSA` doesn't have the same issue because `OpenSSL::PKey::RSA#public_key` returns `OpenSSL::PKey::RSA` (`OpenSSL::PKey::EC` returns `OpenSSL::PKey::EC::Point`). However, it still requires allocating a new `OpenSSL::PKey::RSA` object. ---------------------------------------- Feature #12354: PKey::EC Can't output public key pem when private key exists https://bugs.ruby-lang.org/issues/12354#change-79988 * Author: armour (Armour Comms) * Status: Assigned * Priority: Normal * Assignee: rhenium (Kazuki Yamaguchi) * Target version: ---------------------------------------- Steps to reproduce: Create EC key: ```ruby key = OpenSSL::PKey::EC.new("prime256v1") key.generate_key ``` Try and output in pem format ```ruby key.to_pem #Outputs private key pem key.public_key.to_pem #Error ``` In order to output a public key pem, a new key object must be created with no private key: ```ruby key_pub = OpenSSL::PKey::EC.new(key.group) key_pub.public_key = key.public_key ``` Output pem ```ruby key_pub.to_pem #Success! ``` From viewing the source, http://rxr.whitequark.org/mri/source/ext/openssl/ossl_pkey_ec.c#466 it seems that if the key is private there is no way to output a public key for that key object -- https://bugs.ruby-lang.org/ Unsubscribe: