Hi all, I have a question about openssl library
Here it is.
‘Security on rails’ book has a sample
require ‘openssl’
include OpenSSL
private_key2 = PKey::RSA.new(File.read(“host.key”))
cert2 = X509::Certificate.new(File.read(‘host.crt’))
input = “Test string”
signature2 = private_key2.sign(OpenSSL::Digest::SHA512.new, input)
is_verified2 = cert2.public_key.verify(OpenSSL::Digest::SHA512.new,
signature2, input)
puts is_verified2
All works well until I switched to ec algorithm
Example:
localhost:openssl roman$ openssl ecparam -name secp521r1 -genkey -
out ./ca/ca.key
localhost:openssl roman$ openssl req -new -key ./ca/ca.key -sha512 -
out ./ca/ca.req
localhost:openssl roman$ openssl ca -days 365 -policy policy_anything -
keyfile ./ca/ca.key -in ./ca/ca.req -selfsign -out ./ca/ca.crt -
outdir ./ca
All files prepared. Let’s test the code
private_key1 = PKey::EC.new(File.read("./ca/ca.key"))
cert1 = X509::Certificate.new(File.read(’./ca/ca.crt’))
input = “Test string”
signature = private_key1.sign(OpenSSL::Digest::SHA1.new, input)
output is:
undefined method `private?’ for #OpenSSL::PKey::EC:0x100378740
actually OpenSSL::PKey::EC doesn’t have method ‘private?’
but OpenSSL::PKey::RSA has.
I tried to add method
def private_key1.private?
self.private_key?
end
But another error exists
signature1 = private_key1.sign(OpenSSL::Digest::SHA1.new, input)
outputs:
OpenSSL::PKey::PKeyError: wrong public key type
Can anyone explain where is the error here?
TIA Roman