fail consistenly when ed25519 gem isn't loaded

btoews · btoews · commit 2438cc9f7fea · 2019-06-24T14:40:33.000-06:00
diff --git a/lib/ssh_data/private_key/ed25519.rb b/lib/ssh_data/private_key/ed25519.rb
@@ -7,6 +7,7 @@ class ED25519 < Base
       #
       # Returns a PublicKey::Base subclass instance.
       def self.generate
+        PublicKey::ED25519.ed25519_gem_required!
         from_ed25519(Ed25519::SigningKey.generate)
       end
 
@@ -56,6 +57,7 @@ def initialize(algo:, pk:, sk:, comment:)
       #
       # Returns a binary String signature.
       def sign(signed_data, algo: nil)
+        PublicKey::ED25519.ed25519_gem_required!
         algo ||= self.algo
         raise AlgorithmError unless algo == self.algo
         raw_sig = ed25519_key.sign(signed_data)
diff --git a/lib/ssh_data/public_key/ed25519.rb b/lib/ssh_data/public_key/ed25519.rb
@@ -9,6 +9,13 @@ def self.enabled?
         Object.const_defined?(:Ed25519)
       end
 
+      # Assert that the ed25519 gem has been loaded.
+      #
+      # Returns nothing, raises AlgorithmError.
+      def self.ed25519_gem_required!
+        raise AlgorithmError, "the ed25519 gem is not loaded" unless enabled?
+      end
+
       def initialize(algo:, pk:)
         unless algo == ALGO_ED25519
           raise DecodeError, "bad algorithm: #{algo.inspect}"
@@ -30,9 +37,7 @@ def initialize(algo:, pk:)
       #
       # Returns boolean.
       def verify(signed_data, signature)
-        unless self.class.enabled?
-          raise VerifyError, "the ed25519 gem isn't loadedd"
-        end
+        self.class.ed25519_gem_required!
 
         sig_algo, raw_sig, _ = Encoding.decode_signature(signature)
         if sig_algo != ALGO_ED25519
diff --git a/spec/private_key/ed25519_spec.rb b/spec/private_key/ed25519_spec.rb
@@ -78,4 +78,27 @@
     expect(keys.size).to eq(1)
     expect(keys.first).to be_an(SSHData::PrivateKey::ED25519)
   end
+
+  it "fails cleanly if the ed25519 gem hasn't been loaded" do
+    backup = Object.send(:remove_const, :Ed25519)
+    key = openssh_key.first
+
+    begin
+      expect {
+        expect(key.sk).not_to be_nil
+        expect(key.pk).not_to be_nil
+        expect(key.public_key).not_to be_nil
+      }.not_to raise_error
+
+      expect {
+        described_class.generate
+      }.to raise_error(SSHData::AlgorithmError)
+
+      expect {
+        key.sign(message)
+      }.to raise_error(SSHData::AlgorithmError)
+    ensure
+      Object.const_set(:Ed25519, backup)
+    end
+  end
 end
diff --git a/spec/public_key/ed25519_spec.rb b/spec/public_key/ed25519_spec.rb
@@ -67,15 +67,15 @@
 
   it "fails cleanly if the ed25519 gem hasn't been loaded" do
     expect(described_class.enabled?).to be(true)
-     backup = Object.send(:remove_const, :Ed25519)
-     expect(described_class.enabled?).to be(false)
+    backup = Object.send(:remove_const, :Ed25519)
+    expect(described_class.enabled?).to be(false)
 
     begin
       expect {
         SSHData::Certificate.parse_openssh(fixture("rsa_leaf_for_ed25519_ca-cert.pub"),
           unsafe_no_verify: false
         )
-      }.to raise_error(SSHData::VerifyError)
+      }.to raise_error(SSHData::AlgorithmError)
     ensure
       Object.const_set(:Ed25519, backup)
     end

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ class ED25519 < Base`
`7`	`7`	`#`
`8`	`8`	`# Returns a PublicKey::Base subclass instance.`
`9`	`9`	`def self.generate`
	`10`	`+ PublicKey::ED25519.ed25519_gem_required!`
`10`	`11`	`from_ed25519(Ed25519::SigningKey.generate)`
`11`	`12`	`end`
`12`	`13`
`@@ -56,6 +57,7 @@ def initialize(algo:, pk:, sk:, comment:)`
`56`	`57`	`#`
`57`	`58`	`# Returns a binary String signature.`
`58`	`59`	`def sign(signed_data, algo: nil)`
	`60`	`+ PublicKey::ED25519.ed25519_gem_required!`
`59`	`61`	`algo \|\|= self.algo`
`60`	`62`	`raise AlgorithmError unless algo == self.algo`
`61`	`63`	`raw_sig = ed25519_key.sign(signed_data)`