Comments (6)
Methods on OpenSSL::PKey::{RSA,DSA,DH,EC}
that modify the receiver object will not work if ruby/openssl is compiled against OpenSSL (the C library) 3.0 or later. This is a backwards-incompatible change introduced by OpenSSL 3.0 and there is nothing ruby/openssl can do.
Instead of OpenSSL::PKey::EC.new(group_name).generate_key!
, please use OpenSSL::PKey::EC.generate(group_name)
.
from openssl.
The library is actually using generate_key
and not generate_key!
the issue is that for this one it looks like generate_key
is aliased to generated_key!
for EC
from openssl.
Yes it is an alias. EC#generate_key
was renamed to EC#generate_key!
(in 2016, for parity with DH#generate_key!
) and the old name was kept as an alias. EC#generate_key
always modified the receiver.
from openssl.
Oh I see, I misread the error message I guess OpenSSL::PKey.generate_key
is the one to use not specific keys ones anymore. Is that correct?
from openssl.
Thanks a lot for your help and time on this :) This all makes sense. Will open a PR on that r509
gem to modify it's usage.
from openssl.
Yes, the following methods will continue to work and do the same thing:
OpenSSL::PKey.generate_key("EC", "ec_paramgen_curve" => "prime256v1")
(the manpageopenssl-genpkey(1)
documentsec_paramgen_curve
and other optional parameters)OpenSSL::PKey::EC.generate("prime256v1")
from openssl.
Related Issues (20)
- FIPS: DH: OpenSSL::PKey.generate_parameters returning a value with block of break. HOT 7
- macos-latest truffeeruby-head: test_basic_response_response_operations failing HOT 3
- truffleruby-head 24.0.0-dev: Failing to compile dependant stringio gem. HOT 14
- OpenSSL 3.2.0 - sessions, time, signed vs unsigned, failure with negative session timeout values HOT 6
- OpenSSL::SSL::SSLContext.new returns SSL_CTX_new: library has no ciphers HOT 6
- Respect system wide minimum TLS version HOT 2
- windows-latest 3.3 case failing with "OpenSSL::Provider::ProviderError: Failed to load legacy provider: (null) (name=legacy)" HOT 8
- OpenSSL::PKey::PKey subclass for EVP_PKEY_RSA_PSS HOT 4
- Error "Failed to build gem native extension." when running "gem install openssl" in Fedora HOT 4
- OpenSSL udate 3.2.1 for CVE-2023-6129 HOT 3
- OpenSSL 3 | Providers | Support broader range of URI schemes for loading keys HOT 3
- OpenSSL 3 support for loading engine keys HOT 3
- OpenSSL version 3.3.0-dev: OpenSSL::ASN1::ASN1Error: utctime/generalizedtime is too short HOT 7
- OpenSSL::ASN1.decode doesn't correctly parse UTCTime or GeneralizedTime with fractional seconds or a timezone
- remove file check to support proxied SSL connection HOT 5
- When decrypted with a different private key, `OpenSSL::PKey::RSAError` does not occur HOT 2
- Upcoming OpenSSL Webinar: Writing Your First OpenSSL Application
- Invalid CSR versions set in regress tests HOT 2
- OpenSSL::SSL::SSLError: SSL_write: unsupported method HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openssl.