OpenSSL::PKey::EC verification discrepancy between Ruby and JRuby

In Ruby, EC signatures are verified with [`dsa_verify_asn1`](https://docs.ruby-lang.org/en/3.0.0/OpenSSL/PKey/EC.html#method-i-dsa_verify_asn1). However, in this JRuby implementation, such method is missing - instead, EC signature verification is done via [the `verify` method inherited from `PKey`](https://github.com/jruby/jruby-openssl/blob/master/src/main/java/org/jruby/ext/openssl/PKey.java#L249).

This discrepancy causes problems at least with the [ruby-jwt gem's EC functionality](https://github.com/jwt/ruby-jwt/blob/master/lib/jwt/algos/ecdsa.rb#L35), which tries to use `dsa_verify_asn1`.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

OpenSSL::PKey::EC verification discrepancy between Ruby and JRuby #241

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

OpenSSL::PKey::EC verification discrepancy between Ruby and JRuby #241

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions