From 4de6831dea4e922bf3052192eec143af015a3486 Mon Sep 17 00:00:00 2001
From: Simon Chopin <simon.chopin@canonical.com>
Date: Fri, 8 Apr 2022 09:32:24 +0200
Subject: transport: create EC keys by loading PEM data directly

The OpenSSL 3.0 changes don't allow for us to modify the private key
details directly, and there are no dedicated constructors as of Ruby
3.0, so we need to actually create a PEM certificate in-memory and load
that instead.

Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
---
 lib/net/ssh/transport/openssl.rb | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/lib/net/ssh/transport/openssl.rb b/lib/net/ssh/transport/openssl.rb
index a398326..40561fb 100644
--- a/lib/net/ssh/transport/openssl.rb
+++ b/lib/net/ssh/transport/openssl.rb
@@ -159,10 +159,18 @@ module OpenSSL
 
         public_key_oct = buffer.read_string
         begin
-          key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
-          group = key.group
+          curvename = OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key]
+          group = OpenSSL::PKey::EC::Group.new(curvename)
           point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
-          key.public_key = point
+          asn1 = OpenSSL::ASN1::Sequence([
+            OpenSSL::ASN1::Sequence([
+              OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
+              OpenSSL::ASN1::ObjectId(curvename)
+            ]),
+            OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
+          ])
+
+          key = OpenSSL::PKey::EC.new(asn1.to_der)
 
           return key
         rescue OpenSSL::PKey::ECError
-- 
cgit v1.2.1