Fix private key immutability error when using OpenSSL 3.0 #64

q9f · debreczeni · web-flow · commit b9f3432ab73c · 2023-01-05T15:18:34.000+01:00
* ci: enhance os/ruby matrix * gem: update deps * docs: happy new year * Fix private key immutability error when using OpenSSL 3.0 #64 Co-authored-by: David Debreczeni <david.debreczeni@gmail.com> * deps: force a specific gem config * ci: add openssl config * ci: condense matrix * ci: clean up Co-authored-by: David Debreczeni <david.debreczeni@gmail.com>
diff --git a/.github/workflows/code.yml b/.github/workflows/code.yml
@@ -24,18 +24,18 @@ jobs:
           - ruby
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: "Initialize CodeQL"
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
         with:
           languages: "${{ matrix.language }}"
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@v2
       - name: "Perform CodeQL Analysis"
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2
       - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '2.7'
+          ruby-version: '3.0'
           bundler-cache: true
       - name: "Run rufo code formatting checks"
         run: |
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -13,14 +13,14 @@ jobs:
     - uses: actions/checkout@v2
     - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: '2.7'
+        ruby-version: '3.0'
         bundler-cache: true
     - name: Run Yard Doc
       run: |
         gem install yard
         yard doc
     - name: Deploy GH Pages
-      uses: JamesIves/github-pages-deploy-action@4.1.7
+      uses: JamesIves/github-pages-deploy-action@4.4.1
       with:
           branch: gh-pages
           folder: doc/
diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml
@@ -16,7 +16,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-22.04, macos-12]
-        ruby: ['2.7', '3.0', '3.1']
+        ruby: ['3.0', '3.1', '3.2']
     steps:
     - uses: actions/checkout@v2
     - uses: ruby/setup-ruby@v1
diff --git a/Gemfile b/Gemfile
@@ -5,8 +5,8 @@ group :test, :development do
   gem "codecov", "~> 0.6"
   gem "pry", "~> 0.14"
   gem "rake", "~> 13.0"
-  gem "rdoc", "~> 6.3"
-  gem "rspec", "~> 3.10"
+  gem "rdoc", "~> 6.5"
+  gem "rspec", "~> 3.12"
   gem "rufo", "~> 0.13"
   gem "simplecov", "~> 0.21"
   gem "yard", "~> 0.9"
diff --git a/LICENSE.txt b/LICENSE.txt
@@ -1,4 +1,4 @@
-Copyright (c) 2013-22 Micah Winkelspecht
+Copyright (c) 2013-23 Micah Winkelspecht
 
 MIT License
 
diff --git a/config/openssl.conf b/config/openssl.conf
@@ -0,0 +1,14 @@
+openssl_conf = openssl_init
+
+[openssl_init]
+providers = provider_sect
+
+[provider_sect]
+default = default_sect
+legacy = legacy_sect
+
+[default_sect]
+activate = 1
+
+[legacy_sect]
+activate = 1
diff --git a/lib/money-tree/key.rb b/lib/money-tree/key.rb
@@ -39,31 +39,38 @@ def to_i
   class PrivateKey < Key
     def initialize(opts = {})
       @options = opts
-      @ec_key = PKey::EC.new GROUP_NAME
+      generate
       if @options[:key]
         @raw_key = @options[:key]
         @key = parse_raw_key
         import
       else
-        generate
         @key = to_hex
       end
     end
 
     def generate
-      ec_key.generate_key
+      @ec_key = PKey::EC.generate GROUP_NAME
     end
 
     def import
-      ec_key.private_key = BN.new(key, 16)
-      set_public_key
+      @ec_key = OpenSSL::PKey::EC.new(data_sequence.to_der)
+    end
+
+    def data_sequence
+      OpenSSL::ASN1::Sequence([
+        OpenSSL::ASN1::Integer(1),
+        OpenSSL::ASN1::OctetString(OpenSSL::BN.new(key, 16).to_s(2)),
+        OpenSSL::ASN1::ObjectId(GROUP_NAME, 0, :EXPLICIT),
+        OpenSSL::ASN1::BitString(calculate_public_key.to_octet_string(:uncompressed), 1, :EXPLICIT),
+      ])
     end
 
     def calculate_public_key(opts = {})
       opts[:compressed] = true unless opts[:compressed] == false
       group = ec_key.group
       group.point_conversion_form = opts[:compressed] ? :compressed : :uncompressed
-      point = group.generator.mul ec_key.private_key
+      point = group.generator.mul OpenSSL::BN.new(key, 16)
     end
 
     def set_public_key(opts = {})
diff --git a/money-tree.gemspec b/money-tree.gemspec
@@ -28,6 +28,6 @@ Gem::Specification.new do |spec|
   spec.platform = Gem::Platform::RUBY
   spec.required_ruby_version = ">= 2.7", "< 4.0"
 
-  spec.add_dependency "openssl", "~> 3.0"
-  spec.add_dependency "bech32", "~> 1.2"
+  spec.add_dependency "openssl", "~> 3.1"
+  spec.add_dependency "bech32", "~> 1.3"
 end
diff --git a/spec/money-tree/openssl_extensions_spec.rb b/spec/money-tree/openssl_extensions_spec.rb
@@ -22,8 +22,8 @@
   include MoneyTree::OpenSSLExtensions
 
   context "with inputs" do
-    let(:key1) { OpenSSL::PKey::EC.new("secp256k1").generate_key }
-    let(:key2) { OpenSSL::PKey::EC.new("secp256k1").generate_key }
+    let(:key1) { OpenSSL::PKey::EC.generate("secp256k1") }
+    let(:key2) { OpenSSL::PKey::EC.generate("secp256k1") }
     let(:point_1) { key1.public_key }
     let(:point_2) { key2.public_key }
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-Copyright (c) 2013-22 Micah Winkelspecht`
	`1`	`+Copyright (c) 2013-23 Micah Winkelspecht`
`2`	`2`
`3`	`3`	`MIT License`
`4`	`4`