[ruby/openssl] pkey: assume generic PKeys contain private components

The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it does if it does not respond to #private?. This fixes the NoMethodError on calling #sign on a generic PKey. https://github.com/ruby/openssl/commit/f4c717bcb2
2017-03-21 18:23:53 +09:00 · 2017-03-21 18:23:53 +09:00 · 498c8e8f17
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@ -252,12 +252,19 @@ GetPrivPKeyPtr(VALUE obj)
 {
    EVP_PKEY *pkey;

-    if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) {
-	ossl_raise(rb_eArgError, "Private key is needed.");
-    }
    GetPKey(obj, pkey);
+    if (OSSL_PKEY_IS_PRIVATE(obj))
+        return pkey;
+    /*
+     * The EVP API does not provide a way to check if the EVP_PKEY has private
+     * components. Assuming it does...
+     */
+    if (!rb_respond_to(obj, id_private_q))
+        return pkey;
+    if (RTEST(rb_funcallv(obj, id_private_q, 0, NULL)))
+        return pkey;

-    return pkey;
+    rb_raise(rb_eArgError, "private key is needed");
 }

 EVP_PKEY *