From 6e1bb8edfbeffb8ee66be58a08e924bb2dcc8b50 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 29 Dec 2021 17:14:53 -0500 Subject: [PATCH] Fix DSA key generation to use a 160 Q bit value in Ruby 3.1 / OpenSSL 3.0. --- lib/ssh_data/private_key/dsa.rb | 14 +++++++++++++- spec/private_key/dsa_spec.rb | 2 +- spec/public_key/dsa_spec.rb | 2 +- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/lib/ssh_data/private_key/dsa.rb b/lib/ssh_data/private_key/dsa.rb index 81233e6..c7c228a 100644 --- a/lib/ssh_data/private_key/dsa.rb +++ b/lib/ssh_data/private_key/dsa.rb @@ -7,7 +7,19 @@ # # Returns a PublicKey::Base subclass instance. def self.generate - from_openssl(OpenSSL::PKey::DSA.generate(1024)) + openssl_key = + if defined?(OpenSSL::PKey.generate_parameters) + dsa_parameters = OpenSSL::PKey.generate_parameters("DSA", { + dsa_paramgen_bits: 1024, + dsa_paramgen_q_bits: 160 + }) + + OpenSSL::PKey.generate_key(dsa_parameters) + else + OpenSSL::PKey::DSA.generate(1024) + end + + from_openssl(openssl_key) end # Import an openssl private key. diff --git a/spec/private_key/dsa_spec.rb b/spec/private_key/dsa_spec.rb index bf0a106..49f8bae 100644 --- a/spec/private_key/dsa_spec.rb +++ b/spec/private_key/dsa_spec.rb @@ -1,7 +1,7 @@ require_relative "../spec_helper" describe SSHData::PrivateKey::DSA do - let(:private_key) { OpenSSL::PKey::DSA.generate(1024) } + let(:private_key) { SSHData::PrivateKey::DSA.generate.openssl } let(:public_key) { private_key.public_key } let(:params) { private_key.params } let(:message) { "hello, world!" } diff --git a/spec/public_key/dsa_spec.rb b/spec/public_key/dsa_spec.rb index dba9b1e..d86048f 100644 --- a/spec/public_key/dsa_spec.rb +++ b/spec/public_key/dsa_spec.rb @@ -1,7 +1,7 @@ require_relative "../spec_helper" describe SSHData::PublicKey::DSA do - let(:private_key) { OpenSSL::PKey::DSA.generate(1024) } + let(:private_key) { SSHData::PrivateKey::DSA.generate.openssl } let(:public_key) { private_key.public_key } let(:params) { public_key.params }