[ruby/openssl] pkey: assume generic PKeys contain private components

The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it does if it does not respond to #private?. This fixes the NoMethodError on calling #sign on a generic PKey. https://github.com/ruby/openssl/commit/f4c717bcb2
author: Kazuki Yamaguchi <[email protected]> 2017-03-21 18:23:53 +0900
committer: Kazuki Yamaguchi <[email protected]> 2021-03-16 19:16:11 +0900
commit: 498c8e8f17d5a06244515db163a714e87a4fce76 (patch)
tree: 039e7a97ff803b8e5319ec403324b17010d8024d /ext/openssl/ossl_pkey.c
parent: 1f44640677cc92c105a5b624a021cefdfe645f9a (diff)
1 files changed, 11 insertions, 4 deletions
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 610a83fd2d..8d41623e80 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -252,12 +252,19 @@ GetPrivPKeyPtr(VALUE obj)
 {
     EVP_PKEY *pkey;
 
-    if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) {
-	ossl_raise(rb_eArgError, "Private key is needed.");
-    }
     GetPKey(obj, pkey);
+    if (OSSL_PKEY_IS_PRIVATE(obj))
+        return pkey;
+    /*
+     * The EVP API does not provide a way to check if the EVP_PKEY has private
+     * components. Assuming it does...
+     */
+    if (!rb_respond_to(obj, id_private_q))
+        return pkey;
+    if (RTEST(rb_funcallv(obj, id_private_q, 0, NULL)))
+        return pkey;
 
-    return pkey;
+    rb_raise(rb_eArgError, "private key is needed");
 }
 
 EVP_PKEY *
author	Kazuki Yamaguchi <[email protected]>	2017-03-21 18:23:53 +0900
committer	Kazuki Yamaguchi <[email protected]>	2021-03-16 19:16:11 +0900
commit	498c8e8f17d5a06244515db163a714e87a4fce76 (patch)
tree	039e7a97ff803b8e5319ec403324b17010d8024d /ext/openssl/ossl_pkey.c
parent	1f44640677cc92c105a5b624a021cefdfe645f9a (diff)