From 8729d47045bbca7eca266a353af18d857994cc5d Mon Sep 17 00:00:00 2001
From: Simon Chopin <simon.chopin@canonical.com>
Date: Mon, 11 Apr 2022 16:25:39 +0200
Subject: Use OpenSSL::PKey::EC.generate static method

Migrate all instances of the pattern EC.new(foo).generate_key to
EC.generate(foo), as the old pattern isn't supported when using OpenSSL
3.0, since one is not allowed to mess with the internal data of already
created objects now.

The new API has been introduced in Ruby 2.4.

Co-authored-by: Lucas Kanashiro <lucas.kanashiro@canonical.com>
---
 lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb | 2 +-
 test/authentication/test_agent.rb               | 4 ++--
 test/authentication/test_key_manager.rb         | 6 +++---
 test/test_buffer.rb                             | 6 +++---
 test/transport/kex/test_curve25519_sha256.rb    | 2 +-
 test/transport/kex/test_ecdh_sha2_nistp256.rb   | 4 ++--
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb b/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
index a0c911d..47279f0 100644
--- a/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
+++ b/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
@@ -18,7 +18,7 @@ module Net
           private
 
           def generate_key # :nodoc:
-            OpenSSL::PKey::EC.new(curve_name).generate_key
+            OpenSSL::PKey::EC.generate(curve_name)
           end
 
           # compute shared secret from server's public key and client's private key
diff --git a/test/authentication/test_agent.rb b/test/authentication/test_agent.rb
index 0c15b1d..82d30f3 100644
--- a/test/authentication/test_agent.rb
+++ b/test/authentication/test_agent.rb
@@ -292,7 +292,7 @@ module Authentication
     end
 
     def test_add_ecdsa_identity
-      ecdsa = OpenSSL::PKey::EC.new("prime256v1").generate_key
+      ecdsa = OpenSSL::PKey::EC.generate("prime256v1")
       socket.expect do |s, type, buffer|
         assert_equal SSH2_AGENT_ADD_IDENTITY, type
         assert_equal buffer.read_string, "ecdsa-sha2-nistp256"
@@ -309,7 +309,7 @@ module Authentication
     end
 
     def test_add_ecdsa_cert_identity
-      cert = make_cert(OpenSSL::PKey::EC.new("prime256v1").generate_key)
+      cert = make_cert(OpenSSL::PKey::EC.generate("prime256v1"))
       socket.expect do |s, type, buffer|
         assert_equal SSH2_AGENT_ADD_IDENTITY, type
         assert_equal buffer.read_string, "ecdsa-sha2-nistp256-cert-v01@openssh.com"
diff --git a/test/authentication/test_key_manager.rb b/test/authentication/test_key_manager.rb
index 4368a08..7bbc0e5 100644
--- a/test/authentication/test_key_manager.rb
+++ b/test/authentication/test_key_manager.rb
@@ -330,15 +330,15 @@ module Authentication
     end
 
     def ecdsa_sha2_nistp256
-      @ecdsa_sha2_nistp256 ||= OpenSSL::PKey::EC.new('prime256v1').generate_key
+      @ecdsa_sha2_nistp256 ||= OpenSSL::PKey::EC.generate('prime256v1')
     end
 
     def ecdsa_sha2_nistp384
-      @ecdsa_sha2_nistp384 ||= OpenSSL::PKey::EC.new('secp384r1').generate_key
+      @ecdsa_sha2_nistp384 ||= OpenSSL::PKey::EC.generate('secp384r1')
     end
 
     def ecdsa_sha2_nistp521
-      @ecdsa_sha2_nistp521 ||= OpenSSL::PKey::EC.new('secp521r1').generate_key
+      @ecdsa_sha2_nistp521 ||= OpenSSL::PKey::EC.generate('secp521r1')
     end
 
     def rsa_pk
diff --git a/test/test_buffer.rb b/test/test_buffer.rb
index 1ff2028..99fdb95 100644
--- a/test/test_buffer.rb
+++ b/test/test_buffer.rb
@@ -457,7 +457,7 @@ class TestBuffer < NetSSHTest
   end
 
   def random_ecdsa_sha2_nistp256
-    k = OpenSSL::PKey::EC.new('prime256v1').generate_key
+    k = OpenSSL::PKey::EC.generate('prime256v1')
     buffer = Net::SSH::Buffer.from(:string, 'nistp256',
                                    :string, k.public_key.to_bn.to_s(2))
     key = yield(buffer)
@@ -466,7 +466,7 @@ class TestBuffer < NetSSHTest
   end
 
   def random_ecdsa_sha2_nistp384
-    k = OpenSSL::PKey::EC.new('secp384r1').generate_key
+    k = OpenSSL::PKey::EC.generate('secp384r1')
     buffer = Net::SSH::Buffer.from(:string, 'nistp384',
                                    :string, k.public_key.to_bn.to_s(2))
     key = yield(buffer)
@@ -475,7 +475,7 @@ class TestBuffer < NetSSHTest
   end
 
   def random_ecdsa_sha2_nistp521
-    k = OpenSSL::PKey::EC.new('secp521r1').generate_key
+    k = OpenSSL::PKey::EC.generate('secp521r1')
     buffer = Net::SSH::Buffer.from(:string, 'nistp521',
                                    :string, k.public_key.to_bn.to_s(2))
     key = yield(buffer)
diff --git a/test/transport/kex/test_curve25519_sha256.rb b/test/transport/kex/test_curve25519_sha256.rb
index 42bbe0a..3a8ce0e 100644
--- a/test/transport/kex/test_curve25519_sha256.rb
+++ b/test/transport/kex/test_curve25519_sha256.rb
@@ -111,7 +111,7 @@ unless ENV['NET_SSH_NO_ED25519']
         end
 
         def server_host_key
-          @server_host_key ||= OpenSSL::PKey::EC.new('prime256v1').generate_key
+          @server_host_key ||= OpenSSL::PKey::EC.generate('prime256v1')
         end
 
         def packet_data
diff --git a/test/transport/kex/test_ecdh_sha2_nistp256.rb b/test/transport/kex/test_ecdh_sha2_nistp256.rb
index 9f26428..0b958a2 100644
--- a/test/transport/kex/test_ecdh_sha2_nistp256.rb
+++ b/test/transport/kex/test_ecdh_sha2_nistp256.rb
@@ -109,11 +109,11 @@ module Transport
       end
 
       def server_key
-        @server_key ||= OpenSSL::PKey::EC.new(ecparam).generate_key
+        @server_key ||= OpenSSL::PKey::EC.generate(ecparam)
       end
 
       def server_host_key
-        @server_host_key ||= OpenSSL::PKey::EC.new('prime256v1').generate_key
+        @server_host_key ||= OpenSSL::PKey::EC.generate('prime256v1')
       end
 
       def packet_data
-- 
cgit v1.2.1