jruby-openssl
jruby-openssl copied to clipboard
jruby
Incorrect PEM output for EC key
I’m trying to generate an EC key and convert it to PEM format, but the output is not what I expected.
How to reproduce
Run this code:
require 'openssl'
key = OpenSSL::PKey::EC.generate("prime256v1")
puts key.to_pem
What happens
The output looks incorrect/truncated. Example:
-----BEGIN EC PRIVATE KEY-----
MCUCAQEEIL2oh0ec1uDeFFhc45+w3fngGxTTTSsTNOxVwYq3SQq8
-----END EC PRIVATE KEY-----
What I expected
I expected a longer key.
If I generate a key using OpenSSL on the command line, I get a much longer key.
Example of valid key:
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIN1SuMyzD5ImSlbdFflU6Ta7ksKVLJ4HPxl2nBgza9/QoAoGCCqGSM49
AwEHoUQDQgAEWySdTOUxUJdN4tINQnN1HPoPTFqi7WDbN23MXfTXffAYxMsgE3fC
DccH87ZyGm8gnmzCywUnYFJ54i4tumW8OQ==
-----END EC PRIVATE KEY-----
About my environment
jruby-openssl version: default: 0.15.0 java
JRuby version: jruby 9.4.9.0 (3.1.4) 2024-11-04 547c6b150e OpenJDK 64-Bit Server VM 23.0.1 on 23.0.1 +jit [arm64-darwin]
JRE:
openjdk version "17.0.7" 2023-04-18
OpenJDK Runtime Environment Temurin-17.0.7+7 (build 17.0.7+7)
OpenJDK 64-Bit Server VM Temurin-17.0.7+7 (build 17.0.7+7, mixed mode)
Workaround for generating a key:
command = ['openssl', 'ecparam', '-name', 'prime256v1', '-genkey', '-noout']
pem, err, status = Open3.capture3(*command)
if !status.success?
warn "ERROR: Couldn’t generate key: #{err}"
end
key = OpenSSL::PKey::EC.new(pem)