OpenSSL::PKey::EC.new issue on CentOS

[jamespeerless]

Been running bitpay ruby-client locally in dev just fine. I pushed to production and am running into this issue when trying to generate_pem:

The machine has this version of openssl: Name : openssl Arch : x86_64 Version : 1.0.1e Release : 16.el6_5.14

Here is the stack trace when trying to create a new key:

OpenSSL::PKey::EC.new("secp256k1")

ArgumentError: wrong number of arguments (1 for 0) from (irb):16:in initialize' from (irb):16:innew' from (irb):16 from /home/deploy/site/shared/bundle/ruby/2.1.0/gems/railties-4.1.4/lib/rails/commands/console.rb:90:in start' from /home/deploy/site/shared/bundle/ruby/2.1.0/gems/railties-4.1.4/lib/rails/commands/console.rb:9:instart' from /home/deploy/site/shared/bundle/ruby/2.1.0/gems/railties-4.1.4/lib/rails/commands/commands_tasks.rb:69:in console' from /home/deploy/site/shared/bundle/ruby/2.1.0/gems/railties-4.1.4/lib/rails/commands/commands_tasks.rb:40:inrun_command!' from /home/deploy/site/shared/bundle/ruby/2.1.0/gems/railties-4.1.4/lib/rails/commands.rb:17:in <top (required)>' from bin/rails:8:inrequire' from bin/rails:8:in `

'

[philosodad]

Thanks for bringing this issue to our attention. We're running openssl 0.9.8 locally and I assume on the build server. However, with the specific error that you are getting (wrong number of arguments) it seems like this might be a ruby problem. The development version is ruby 2.1.2. have you tried running this locally against ruby 2.1.0?

[jamespeerless]

It works fine running it locally on my mac against ruby 2.1.2 but not on my production machine running centOS and ruby 2.1.2 so I'm not sure if that's the issue

[philosodad]

I'm not either. However, the Centos environment is reporting that it is using Ruby 2.1.0 not 2.1.2. There were some SSL bugs in 2.0 and possibly in 2.1, so I'm wondering if you have tried this locally in Ruby 2.1.0.

[jamespeerless]

Just double checked and made sure my Centos env is actually using Ruby 2.1.2, and it is. So I'm pretty much out of ideas.. any thing you think I can try?

[jamespeerless]

Ok seems like issue is actually version of openssl.. not sure how to fix centos version :(

[philosodad]

I've done a web search on this and I'm seeing no signs of such a bug or incompatibility between openssl and ruby. You're getting this error in the rails console... do you get the same error in a regular irb console? If you use the openssl library directly (like - OpenSSL::PKey::EC.new("secp256k1") do you get the same error?

[jamespeerless]

If I do it in regular irb it doesn't even know about the EC class:

2.1.2 :012 > OpenSSL::PKey => OpenSSL::PKey

2.1.2 :013 > OpenSSL::PKey::EC NameError: uninitialized constant OpenSSL::PKey::EC from (irb):13 from /usr/local/rvm/rubies/ruby-2.1.2/bin/irb:11:in `

'

[philosodad]

I honestly have no idea. If I get a chance I'll load a vagrant box with a recent CentOS and see what I can discover.

[jamespeerless]

I figured it out. My centos boxed had built ruby linked with an old openssl library before ECDSA was added. I had to rebuild ruby with latest openssl lib and it's fine now.

[jamespeerless]

Ok jk it's not fine. The real issue is openSSL for centos doesn't have secp256k1 support. What a nightmare.

[heisler3030]

If you're committed to using CentOS you could fork the repo and use https://github.com/DavidEGrayson/ruby_ecdsa, which may eliminate the need for secp256k1 OpenSSL. But at that point you're signing up for a whole new set of potential challenges...

[jamespeerless]

Yeah I ended up bailing on CentOS last night and rebuilding my production instances using Ubuntu. All good now. Thanks everyone, closing this out.