pkey 在 OpenSSL 3.0 上是不可变的 [0m (OpenSSL::PKey::PKeyError)

问题描述 投票:0回答:2

有谁知道如何使用现有的私钥和公钥来加密消息?密钥现在是不可变的。

Fastfile:821:in `private_key=': \e[31m[!] pkeys are immutable on OpenSSL 3.0\e[0m (OpenSSL::PKey::PKeyError)

环境:

ruby 3.0.0p0 (2020-12-25 revision 95aff21468) [arm64-darwin21]
openssl (3.1.0, default: 2.2.0)
fastlane | 2.212.2 | ✅ Up-To-Date

示例代码:

def get_force_update_message
    message = "message"
    private_key = "sample_private_key"
    public_key = "sample_public_key"

    # encrypt
    group = OpenSSL::PKey::EC::Group.new('secp256k1')
    key = OpenSSL::PKey::EC.new(group)
    key.private_key = OpenSSL::BN.new(private_key, 16)

    signature = key.dsa_sign_asn1(message)
    signature_base64 = Base64.encode64(signature).gsub("\n", "")

    # verify
    public_key_bn = OpenSSL::BN.new(public_key, 16)
    key.public_key = OpenSSL::PKey::EC::Point.new(group, public_key_bn)
    key.dsa_verify_asn1(message, signature)

    return "#{message}&#{signature_base64}"
  end

错误:

[17:13:51]: Error in your Fastfile at line 821
[17:13:51]:     819:        group = OpenSSL::PKey::EC::Group.new('secp256k1')
[17:13:51]:     820:        key = OpenSSL::PKey::EC.new(group)
[17:13:51]:  => 821:        key.private_key = OpenSSL::BN.new(private_key, 16)
[17:13:51]:     822:    
[17:13:51]:     823:        signature = key.dsa_sign_asn1(message)
[17:13:51]: pkeys are immutable on OpenSSL 3.0

+------+----------------------+-------------+
|             fastlane summary              |
+------+----------------------+-------------+
| Step | Action               | Time (in s) |
+------+----------------------+-------------+
| 1    | default_platform     | 0           |
| 2    | xcodes               | 0           |
| 3    | ensure_env_vars      | 0           |
| 4    | set_info_plist_value | 0           |
| 5    | ensure_env_vars      | 0           |
+------+----------------------+-------------+

[17:13:51]: fastlane finished with errors

Looking for related GitHub issues on fastlane/fastlane...

Found no similar issues. To create a new issue, please visit:
https://github.com/fastlane/fastlane/issues/new
Run `fastlane env` to append the fastlane environment to your issue
Fastfile:821:in `private_key=': \e[31m[!] pkeys are immutable on OpenSSL 3.0\e[0m (OpenSSL::PKey::PKeyError)
    from Fastfile:821:in `get_force_update_message'
    from Fastfile:252:in `block (2 levels) in parsing_binding'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/lane.rb:33:in `call'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/runner.rb:49:in `block in execute'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/runner.rb:45:in `chdir'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/runner.rb:45:in `execute'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/lane_manager.rb:47:in `cruise_lane'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/command_line_handler.rb:36:in `handle'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/commands_generator.rb:110:in `block (2 levels) in run'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/commander-4.6.0/lib/commander/command.rb:187:in `call'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/commander-4.6.0/lib/commander/command.rb:157:in `run'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/commander-4.6.0/lib/commander/runner.rb:444:in `run_active_command'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane_core/lib/fastlane_core/ui/fastlane_runner.rb:124:in `run!'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/commander-4.6.0/lib/commander/delegates.rb:18:in `run!'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/commands_generator.rb:354:in `run'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/commands_generator.rb:43:in `start'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/fastlane/lib/fastlane/cli_tools_distributor.rb:123:in `take_off'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/gems/fastlane-2.212.2/bin/fastlane:23:in `<top (required)>'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/bin/fastlane:25:in `load'
    from /opt/homebrew/Cellar/fastlane/2.212.2/libexec/bin/fastlane:25:in `<main>'
openssl fastlane
2个回答
0
投票

我能够解决这个问题。就我而言,此错误在两种情况下触发:调用 

generate_key
时以及尝试设置 
private_key
值时。

生成私钥,而不是调用例如

key = OpenSSL::PKey::EC.new('prime256v1')
,然后调用 
key.generate_key
,只需调用 
key = OpenSSL::PKey::EC.generate('prime256v1')
(即将 
new
替换为 
generate
)。

就我而言,我将 

private_key
设置为 
nil
,因为它是公钥。事实证明,在生成密钥时,它现在包含 OpenSSL 3 中的私钥和公钥,因此我的代码被简化为这样:

我希望这有帮助。我花了一段时间才弄清楚这些事情。幸运的是,在我的例子中,这只是一个 rspec 失败了,所以在我看来,解决这个问题要容易一些。

这是对我有帮助的文档:https://ruby-doc.org/stdlib-3.1.0/libdoc/openssl/rdoc/OpenSSL/PKey/EC.html

0
投票

这篇文章的建议对我有用:https://github.com/ruby/openssl/issues/498#issuecomment-1065574184

如果您已经有生成的 OpenSSL::PKey::EC 密钥,您可以执行以下操作:

asn1 = OpenSSL::ASN1::Sequence([
OpenSSL::ASN1::Sequence([
    OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
    OpenSSL::ASN1::ObjectId(curve_used_for_initial_ec_key)
]),
OpenSSL::ASN1::BitString(initial_ec_key.public_key.to_octet_string(:uncompressed))
])

ec_key_with_desired_public_key = OpenSSL::PKey::EC.new(asn1.to_der)
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.