pkey: make PKey.read raise PKey::PKeyError rather than ArgumentError

PKey.read is a generic method to load an arbitrary PKey structure from a PEM or DER encoded String. Each PKey classes's constructor also can load from a String, but the behavior on error is different. While they raises its own exception (are subclasses of PKey::PKeyError), PKey.read raises ArgumentError. [Bug #11774]
ruby · Jul 8, 2016 · 6c09fd3 · 6c09fd3
1 parent 1b8bcdb
commit 6c09fd3
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 5 deletions.
diff --git a/NEWS b/NEWS
@@ -35,6 +35,10 @@ Backward compatibility notes
 * RC4 cipher suites are removed from OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.
   RC4 is now considered to be weak. [GH ruby/openssl#50]
 
+* OpenSSL::PKey.read raises OpenSSL::PKey::PKeyError instead of ArgumentError
+  for consistency with OpenSSL::PKey::{DH,DSA,RSA,EC}#new.
+  [Bug #11774] [GH ruby/openssl#55]
+
 Updates since Ruby 2.3
 ----------------------
 
@@ -79,6 +83,10 @@ Updates since Ruby 2.3
     OpenSSL::PKey::DSA#set_pqg, #set_key, OpenSSL::PKey::DH#set_pqg and #set_key
     are added.
 
+  - OpenSSL::PKey.read raises OpenSSL::PKey::PKeyError instead of ArgumentError
+    for consistency with OpenSSL::PKey::{DH,DSA,RSA,EC}#new.
+    [Bug #11774] [GH ruby/openssl#55]
+
 * OpenSSL::Random
 
   - OpenSSL::Random.pseudo_bytes is deprecated, and not defined when built with

diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
@@ -158,7 +158,8 @@ ossl_pkey_new_from_data(int argc, VALUE *argv, VALUE self)
 
     BIO_free(bio);
     if (!pkey)
-	ossl_raise(rb_eArgError, "Could not parse PKey");
+	ossl_raise(ePKeyError, "Could not parse PKey");
+
     return ossl_pkey_new(pkey);
 }
 

diff --git a/test/test_pkey_dsa.rb b/test/test_pkey_dsa.rb
@@ -221,7 +221,7 @@ def test_export_password_length
   def test_export_password_funny
     key = OpenSSL::TestUtils::TEST_KEY_DSA256
     pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd")
-    assert_raise(ArgumentError) do
+    assert_raise(OpenSSL::PKey::PKeyError) do
       OpenSSL::PKey.read(pem, "pass")
     end
     key2 = OpenSSL::PKey.read(pem, "pass\0wd")

diff --git a/test/test_pkey_ec.rb b/test/test_pkey_ec.rb
@@ -233,7 +233,7 @@ def test_export_password_length
   def test_export_password_funny
     key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
     pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd")
-    assert_raise(ArgumentError) do
+    assert_raise(OpenSSL::PKey::PKeyError) do
       OpenSSL::PKey.read(pem, "pass")
     end
     key2 = OpenSSL::PKey.read(pem, "pass\0wd")

diff --git a/test/test_pkey_rsa.rb b/test/test_pkey_rsa.rb
@@ -260,7 +260,7 @@ def test_read_private_key_pem_pw
   def test_read_private_key_pem_pw_exception
     pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
     # it raises an ArgumentError from PEM reading. The exception raised inside are ignored for now.
-    assert_raise(ArgumentError) do
+    assert_raise(OpenSSL::PKey::PKeyError) do
       OpenSSL::PKey.read(pem) do
         raise RuntimeError
       end
@@ -285,7 +285,7 @@ def test_export_password_funny
     end
     # password containing NUL byte
     pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd")
-    assert_raise(ArgumentError) do
+    assert_raise(OpenSSL::PKey::PKeyError) do
       OpenSSL::PKey.read(pem, "pass")
     end
     key2 = OpenSSL::PKey.read(pem, "pass\0wd")