[ruby/openssl] Add Marshal support to PKey objects

c4374ff041
2022-11-09 12:17:21 -05:00 · 2020-04-19 17:00:01 -04:00 · 2020-04-19 17:00:01 -04:00 · 3f8665fe0e
commit 3f8665fe0e
parent fcd2576290
8 changed files with 85 additions and 23 deletions
--- a/ext/openssl/History.md
+++ b/ext/openssl/History.md
@ -24,8 +24,9 @@ Notable changes
 * Add `OpenSSL::SSL::SSLSocket.open` for opening a `TCPSocket` and
  returning an `OpenSSL::SSL::SSLSocket` for it.
  [[GitHub #225]](https://github.com/ruby/openssl/issues/225)
-* Support marshalling of `OpenSSL::X509` objects.
+* Support marshalling of `OpenSSL::X509` and `OpenSSL::PKey` objects.
  [[GitHub #281]](https://github.com/ruby/openssl/pull/281)
+  [[GitHub #363]](https://github.com/ruby/openssl/pull/363)
 * Add `OpenSSL.secure_compare` for timing safe string comparison for
  strings of possibly unequal length.
  [[GitHub #280]](https://github.com/ruby/openssl/pull/280)
--- a/ext/openssl/lib/openssl/marshal.rb
+++ b/ext/openssl/lib/openssl/marshal.rb
@ -0,0 +1,30 @@
+# frozen_string_literal: true
+#--
+# = Ruby-space definitions to add DER (de)serialization to classes
+#
+# = Info
+# 'OpenSSL for Ruby 2' project
+# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
+# All rights reserved.
+#
+# = Licence
+# This program is licensed under the same licence as Ruby.
+# (See the file 'LICENCE'.)
+#++
+module OpenSSL
+  module Marshal
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    module ClassMethods
+      def _load(string)
+        new(string)
+      end
+    end
+
+    def _dump(_level)
+      to_der
+    end
+  end
+end
--- a/ext/openssl/lib/openssl/pkey.rb
+++ b/ext/openssl/lib/openssl/pkey.rb
@ -4,8 +4,21 @@
 # Copyright (C) 2017 Ruby/OpenSSL Project Authors
 #++

+require_relative 'marshal'
+
 module OpenSSL::PKey
+  class DH
+    include OpenSSL::Marshal
+  end
+
+  class DSA
+    include OpenSSL::Marshal
+  end
+
  if defined?(EC)
+  class EC
+    include OpenSSL::Marshal
+  end
  class EC::Point
    # :call-seq:
    #    point.to_bn([conversion_form]) -> OpenSSL::BN
@ -22,4 +35,8 @@ module OpenSSL::PKey
    end
  end
  end
+
+  class RSA
+    include OpenSSL::Marshal
+  end
 end
--- a/ext/openssl/lib/openssl/x509.rb
+++ b/ext/openssl/lib/openssl/x509.rb
@ -12,24 +12,10 @@
 # (See the file 'LICENCE'.)
 #++

+require_relative 'marshal'
+
 module OpenSSL
  module X509
-    module Marshal
-      def self.included(base)
-        base.extend(ClassMethods)
-      end
-
-      module ClassMethods
-        def _load(string)
-          new(string)
-        end
-      end
-
-      def _dump(_level)
-        to_der
-      end
-    end
-
    class ExtensionFactory
      def create_extension(*arg)
        if arg.size > 1
@ -57,7 +43,7 @@ module OpenSSL
    end

    class Extension
-      include Marshal
+      include OpenSSL::Marshal

      def ==(other)
        return false unless Extension === other
@ -216,7 +202,7 @@ module OpenSSL
    end

    class Name
-      include Marshal
+      include OpenSSL::Marshal

      module RFC2253DN
        Special = ',=+<>#;'
@ -321,7 +307,7 @@ module OpenSSL
    end

    class Attribute
-      include Marshal
+      include OpenSSL::Marshal

      def ==(other)
        return false unless Attribute === other
@ -336,7 +322,7 @@ module OpenSSL
    end

    class Certificate
-      include Marshal
+      include OpenSSL::Marshal
      include Extension::SubjectKeyIdentifier
      include Extension::AuthorityKeyIdentifier
      include Extension::CRLDistributionPoints
@ -355,7 +341,7 @@ module OpenSSL
    end

    class CRL
-      include Marshal
+      include OpenSSL::Marshal
      include Extension::AuthorityKeyIdentifier

      def ==(other)
@ -372,7 +358,7 @@ module OpenSSL
    end

    class Request
-      include Marshal
+      include OpenSSL::Marshal

      def ==(other)
        return false unless Request === other
--- a/test/openssl/test_pkey_dh.rb
+++ b/test/openssl/test_pkey_dh.rb
@ -74,6 +74,13 @@ class OpenSSL::TestPKeyDH < OpenSSL::PKeyTestCase
    assert_equal dh2.g, dh.g
  end

+  def test_marshal
+    dh = Fixtures.pkey("dh1024")
+    deserialized = Marshal.load(Marshal.dump(dh))
+
+    assert_equal dh.to_der, deserialized.to_der
+  end
+
  private

  def assert_equal_params(dh1, dh2)
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@ -191,6 +191,13 @@ fWLOqqkzFeRrYMDzUpl36XktY6Yq8EJYlW9pCMmBVNy/dQ==
    assert_not_equal key.params, key2.params
  end

+  def test_marshal
+    key = Fixtures.pkey("dsa1024")
+    deserialized = Marshal.load(Marshal.dump(key))
+
+    assert_equal key.to_der, deserialized.to_der
+  end
+
  private
  def assert_same_dsa(expected, key)
    check_component(expected, key, [:p, :q, :g, :pub_key, :priv_key])
--- a/test/openssl/test_pkey_ec.rb
+++ b/test/openssl/test_pkey_ec.rb
@ -52,6 +52,13 @@ class OpenSSL::TestEC < OpenSSL::PKeyTestCase
    assert_equal(true, ec.private?)
  end

+  def test_marshal
+    key = Fixtures.pkey("p256")
+    deserialized = Marshal.load(Marshal.dump(key))
+
+    assert_equal key.to_der, deserialized.to_der
+  end
+
  def test_check_key
    key = OpenSSL::PKey::EC.new("prime256v1").generate_key!
    assert_equal(true, key.check_key)
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@ -443,6 +443,13 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
    assert_not_equal key.params, key2.params
  end

+  def test_marshal
+    key = Fixtures.pkey("rsa2048")
+    deserialized = Marshal.load(Marshal.dump(key))
+
+    assert_equal key.to_der, deserialized.to_der
+  end
+
  private
  def assert_same_rsa(expected, key)
    check_component(expected, key, [:n, :e, :d, :p, :q, :dmp1, :dmq1, :iqmp])