Skip to content

OpenSSL::PKey::PKeyError in U2F::FakeU2F #74

New issue
New issue
Open
Open
OpenSSL::PKey::PKeyError in U2F::FakeU2F#74
@klausmeyer

Description

@klausmeyer
klausmeyer
opened on Jul 6, 2023

Hi,

I've just tried to upgrade one of our apps using this gem to Ruby 3.2 and together with that switched to OpenSSL 3 as we're using the official ruby:3.2-alpine Docker image.

When running our test-suite (which leverages U2F::FakeU2F) now I'm getting the following error:

OpenSSL::PKey::PKeyError:
  pkeys are immutable on OpenSSL 3.0
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:187:in `group='
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:187:in `block in generate_ec_key'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:186:in `generate_ec_key'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:157:in `origin_key'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:60:in `origin_public_key_raw'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:82:in `reg_registration_data'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/u2f-1.0.0/lib/u2f/fake_u2f.rb:35:in `register_response'
# ./spec/support/fake_device.rb:26:in `register'
# ./spec/fos-confirmable/serializers/fos/confirmable/action_serializer_spec.rb:59:in `block (3 levels) in <top (required)>'
# /Users/kmeyer/.rvm/gems/ruby-3.2.2@service-dbs-confirmables/gems/webmock-3.18.1/lib/webmock/rspec.rb:37:in `block (2 levels) in <top (required)>'

Here the relevant snippet from our test setup:

U2F::FakeU2F.new(url)

For now I've fixed it with the following Monkey Patch in our app:

class U2F::FakeU2F
  def generate_ec_key
    OpenSSL::PKey::EC.generate(CURVE_NAME)
  end
end

Mainly using #generate instead of .new and #tap to not modify the PKey object.

The define_singleton_method calls inside the block of the original implementation I skipped as they seem to only be necessary in older ruby versions but could technically left in place.

Please let me know if I should provide a PR to address this issue.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions