From: Roman Catz on
Hi all, I have a question about openssl library
Here it is.

'Security on rails' book has a sample

require 'openssl'
include OpenSSL

private_key2 = PKey::RSA.new(File.read("host.key"))
cert2 = X509::Certificate.new(File.read('host.crt'))

input = "Test string"
signature2 = private_key2.sign(OpenSSL::Digest::SHA512.new, input)

is_verified2 = cert2.public_key.verify(OpenSSL::Digest::SHA512.new,
signature2, input)
puts is_verified2

All works well until I switched to ec algorithm

Example:
localhost:openssl roman$ openssl ecparam -name secp521r1 -genkey -
out ./ca/ca.key
localhost:openssl roman$ openssl req -new -key ./ca/ca.key -sha512 -
out ./ca/ca.req

localhost:openssl roman$ openssl ca -days 365 -policy policy_anything -
keyfile ./ca/ca.key -in ./ca/ca.req -selfsign -out ./ca/ca.crt -
outdir ./ca

All files prepared. Let's test the code

private_key1 = PKey::EC.new(File.read("./ca/ca.key"))
cert1 = X509::Certificate.new(File.read('./ca/ca.crt'))
input = "Test string"
signature = private_key1.sign(OpenSSL::Digest::SHA1.new, input)

output is:
undefined method `private?' for #<OpenSSL::PKey::EC:0x100378740>

actually OpenSSL::PKey::EC doesn't have method 'private?'
but OpenSSL::PKey::RSA has.

I tried to add method

def private_key1.private?
self.private_key?
end

But another error exists

signature1 = private_key1.sign(OpenSSL::Digest::SHA1.new, input)
outputs:
OpenSSL::PKey::PKeyError: wrong public key type

Can anyone explain where is the error here?

TIA Roman