Include supported param keys in error message

Author: anakinj

ext/openssl/ossl_pkey.c

@@ -462,7 +462,6 @@ add_parameter_to_builder(VALUE key, VALUE value, VALUE arg) {
 
     const char *key_ptr = StringValueCStr(key);
     const struct pkey_from_parameters_arg *params = (const struct pkey_from_parameters_arg *) arg;
-    const OSSL_PARAM *settable_params = params->settable_params;
 
     for(size_t i = 0; i < params->nAliases; i++) {
         if(strcmp(params->aliases[i].alias, key_ptr) == 0) {
@@ -471,7 +470,7 @@ add_parameter_to_builder(VALUE key, VALUE value, VALUE arg) {
         }
     }
 
-    for (; settable_params->key != NULL; settable_params++) {
+    for (const OSSL_PARAM *settable_params = params->settable_params; settable_params->key != NULL; settable_params++) {
         if(strcmp(settable_params->key, key_ptr) == 0) {
             switch (settable_params->data_type) {
             case OSSL_PARAM_INTEGER:
@@ -506,9 +505,19 @@ add_parameter_to_builder(VALUE key, VALUE value, VALUE arg) {
             return ST_CONTINUE;
         }
     }
-
     OSSL_PARAM_BLD_free(params->param_bld);
-    ossl_raise(ePKeyError, "Unsupported parameter \"%s\"", key_ptr);
+
+    char message_buffer[512] = { 0 };
+    char *cur = message_buffer;
+    char *end = message_buffer + sizeof(message_buffer);
+    for (const OSSL_PARAM *settable_params = params->settable_params; settable_params->key != NULL; settable_params++) {
+        const char *fmt = cur == message_buffer ? "%s" : ", %s";
+        if (cur > end)
+            break;
+        cur += snprintf(cur, end-cur, fmt, settable_params->key);
+    }
+
+    ossl_raise(ePKeyError, "Invalid parameter \"%s\". Supported parameters: \"%s\"", key_ptr, message_buffer);
 }
 
 static VALUE
@@ -517,12 +526,14 @@ pkey_from_parameters(int argc, VALUE *argv, VALUE self)
     VALUE alg, options;
     rb_scan_args(argc, argv, "11", &alg, &options);
 
-    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, StringValueCStr(alg), NULL);
+    const char* algorithm = StringValueCStr(alg);
+
+    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(NULL, algorithm, NULL);
 
     if (ctx == NULL)
         ossl_raise(ePKeyError, "EVP_PKEY_CTX_new_from_name");
 
-    struct pkey_from_parameters_arg from_params_args;
+    struct pkey_from_parameters_arg from_params_args = { 0 };
 
     from_params_args.param_bld = OSSL_PARAM_BLD_new();
 
@@ -531,15 +542,12 @@ pkey_from_parameters(int argc, VALUE *argv, VALUE self)
 
     from_params_args.settable_params = EVP_PKEY_fromdata_settable(ctx, EVP_PKEY_KEYPAIR);
 
-    if (strcmp("RSA", StringValueCStr(alg)) == 0) {
+    if (strcmp("RSA", algorithm) == 0) {
         from_params_args.aliases = rsa_aliases;
         from_params_args.nAliases = sizeof(rsa_aliases)/sizeof((rsa_aliases)[0]);
-    } else if (strcmp("DSA", StringValueCStr(alg)) == 0 ||
-               strcmp("DH", StringValueCStr(alg)) == 0) {
+    } else {
         from_params_args.aliases = fcc_aliases;
         from_params_args.nAliases = sizeof(fcc_aliases)/sizeof((fcc_aliases)[0]);
-    } else {
-        from_params_args.nAliases = 0;
     }
 
     rb_hash_foreach(options, &add_parameter_to_builder, (VALUE) &from_params_args);
@@ -559,7 +567,7 @@ pkey_from_parameters(int argc, VALUE *argv, VALUE self)
         ossl_raise(ePKeyError, "EVP_PKEY_fromdata_init");
     }
 
-    if(EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) {
+    if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) {
         EVP_PKEY_CTX_free(ctx);
         EVP_PKEY_free(pkey);
         ossl_raise(ePKeyError, "EVP_PKEY_fromdata");

test/openssl/test_pkey.rb

@@ -268,7 +268,7 @@ def test_s_from_parameters_rsa_with_simple_names
 
     def test_s_from_parameters_rsa_with_invalid_parameter
       e = assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.from_parameters("RSA", invalid: 1234) }
-      assert_equal 'Unsupported parameter "invalid"', e.message
+      assert_match(/Invalid parameter "invalid"/, e.message)
     end
 
     def test_s_from_parameters_ec_pub_given_as_string
@@ -321,7 +321,7 @@ def test_s_from_parameters_ec_pub_given_as_integer
 
     def test_s_from_parameters_ec_with_invalid_parameter
       e = assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.from_parameters("EC", invalid: 1234) }
-      assert_equal 'Unsupported parameter "invalid"', e.message
+      assert_match(/Invalid parameter "invalid"/, e.message)
     end
 
     def test_s_from_parameters_dsa_with_all_supported_parameters
@@ -347,7 +347,7 @@ def test_s_from_parameters_dsa_with_gem_specific_keys
 
     def test_s_from_parameters_dsa_with_invalid_parameter
       e = assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.from_parameters("DSA", invalid: 1234) }
-      assert_equal 'Unsupported parameter "invalid"', e.message
+      assert_match(/Invalid parameter "invalid"/, e.message)
     end
 
     def test_s_from_parameters_dh_with_all_supported_parameters
@@ -361,7 +361,18 @@ def test_s_from_parameters_dh_with_all_supported_parameters
 
     def test_s_from_parameters_dh_with_invalid_parameter
       e = assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.from_parameters("DH", invalid: 1234) }
-      assert_equal 'Unsupported parameter "invalid"', e.message
+      assert_match(/Invalid parameter "invalid"/, e.message)
+    end
+
+    def test_s_from_parameters_ed25519
+      key = OpenSSL::PKey.from_parameters("ED25519", pub: "\xD0\x8E\xA8\x96\xB6Fbi{$k\xAC\xB8\xA2V\xF4n\xC3\xD06}R\x8A\xE6I\xA7r\xF6D{W\x84")
+      assert_instance_of OpenSSL::PKey::PKey, key
+      assert_equal "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEA0I6olrZGYml7JGusuKJW9G7D0DZ9UormSady9kR7V4Q=\n-----END PUBLIC KEY-----\n", key.public_to_pem
+    end
+
+    def test_s_from_parameters_ed25519_with_invalid_parameters
+      e = assert_raise(OpenSSL::PKey::PKeyError) { OpenSSL::PKey.from_parameters("ED25519", invalid: 12345) }
+      assert_equal 'Invalid parameter "invalid". Supported parameters: "pub, priv"', e.message
     end
   else
     def test_from_parameter_raises_on_pre_3_openssl