OpenSSL Encrypted RSA pem fails on encryption and decryption. Incompatible with CRuby.

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: JRuby 1.6.4
Fix Version/s: JRuby-OSSL 0.7.5
Component/s: OpenSSL
Labels:
None
Environment:
Win32, Java6 and Java7, JCE Unlimited Strength enabled

Number of attachments :
0

Description

Loading and creating RSA keys from JRuby OpenSSL fails on encrypted RSA pem with password. Works in CRuby.

Examples:

1. Saving Encrypted PEM
  pkeys = OpenSSL::PKey::RSA.generate(1024)
  cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
  pem = pkeys.to_pem(cipher, 'secretpassword') # Fails with OpenSSL::PKey::RSAError: unknown algorithm `aes/cbc/PKCS5Padding' in write_DSAPrivateKey

1. Reading Encrypted PEM
2. pemstring loaded from previously created file)
  OpenSSL::Pkey::RSA.new(pemstring, 'secretpassword') # Fails with not pub/priv key error. Works in CRuby.

Activity

Ascending order - Click to sort in descending order

Hiroshi Nakamura made changes - 07/Sep/11 2:39 AM

Field	Original Value	New Value
Assignee		Hiroshi Nakamura [ nahi ]

Hide

Permalink

Hiroshi Nakamura added a comment - 08/Sep/11 1:39 AM

Mark as 'Major' not 'Minor', since I received the same report from another person.

Show

Hiroshi Nakamura added a comment - 08/Sep/11 1:39 AM Mark as 'Major' not 'Minor', since I received the same report from another person.

Hiroshi Nakamura made changes - 08/Sep/11 1:39 AM

Priority

Minor [ 4 ]

Major [ 3 ]

Hide

Permalink

Hiroshi Nakamura added a comment - 08/Sep/11 6:17 AM

commit 34fd63a601bdd811e448195a4d66a9b1d1aaafe8
Author: Hiroshi Nakamura <nahi@ruby-lang.org>
Date:   Thu Sep 8 19:52:51 2011 +0900

    JRUBY-6044: Improve Ecrypted RSA pem support
    
    DSA and DH are not yet supported.

Show

Hiroshi Nakamura added a comment - 08/Sep/11 6:17 AM commit 34fd63a601bdd811e448195a4d66a9b1d1aaafe8 Author: Hiroshi Nakamura <nahi@ruby-lang.org> Date: Thu Sep 8 19:52:51 2011 +0900 JRUBY-6044: Improve Ecrypted RSA pem support DSA and DH are not yet supported.

Hide

Permalink

Hiroshi Nakamura added a comment - 08/Sep/11 8:09 AM

There's no encrypted DH key support. Closing.

commit 310dd6311d0aa0d9339b32c5d9aae891bd93da81
Author: Hiroshi Nakamura <nahi@ruby-lang.org>
Date:   Thu Sep 8 21:43:12 2011 +0900

    JRUBY-6044: Improve Ecrypted DSA pem support

Show

Hiroshi Nakamura added a comment - 08/Sep/11 8:09 AM There's no encrypted DH key support. Closing. commit 310dd6311d0aa0d9339b32c5d9aae891bd93da81 Author: Hiroshi Nakamura <nahi@ruby-lang.org> Date: Thu Sep 8 21:43:12 2011 +0900 JRUBY-6044: Improve Ecrypted DSA pem support

Hiroshi Nakamura made changes - 08/Sep/11 8:09 AM

Status	Open [ 1 ]	Resolved [ 5 ]
Fix Version/s		JRuby-OSSL 0.7.5 [ 17395 ]
Fix Version/s	JRuby 1.x+ [ 13421 ]
Resolution		Fixed [ 1 ]

People

Assignee:

Hiroshi Nakamura

Reporter:

Mark Baran

Vote (0)

Watch (0)

Dates

Created:

06/Sep/11 1:34 PM

Updated:

08/Sep/11 8:09 AM

Resolved:

08/Sep/11 8:09 AM