[fix] OpenSSL::X509::Certificate#public_key raises for EC keys (#273)

Author: nicholasdower

src/main/java/org/jruby/ext/openssl/PKeyEC.java

@@ -88,6 +88,10 @@ public final class PKeyEC extends PKey {
         public PKeyEC allocate(Ruby runtime, RubyClass klass) { return new PKeyEC(runtime, klass); }
     };
 
+    static PKeyEC newInstance(final Ruby runtime, final PublicKey publicKey) {
+        return new PKeyEC(runtime, publicKey);
+    }
+
     static void createPKeyEC(final Ruby runtime, final RubyModule PKey, final RubyClass PKeyPKey, final RubyClass OpenSSLError) {
         RubyClass EC = PKey.defineClassUnder("EC", PKeyPKey, ALLOCATOR);
 

src/main/java/org/jruby/ext/openssl/X509Cert.java

@@ -512,7 +512,7 @@ DateTime getNotAfter() {
     @JRubyMethod
     public IRubyObject public_key(final ThreadContext context) {
         if ( public_key == null ) initializePublicKey();
-        return public_key.callMethod(context, "public_key");
+        return public_key;
     }
 
     @JRubyMethod(name = "public_key=")
@@ -556,6 +556,9 @@ else if ( "DSA".equalsIgnoreCase(algorithm) ) {
             //}
             set_public_key( PKeyDSA.newInstance(runtime, publicKey) );
         }
+        else if ( "EC".equalsIgnoreCase(algorithm) ) {
+            set_public_key( PKeyEC.newInstance(runtime, publicKey) );
+        }
         else {
             String message = "unsupported algorithm";
             if ( algorithm != null ) message += " '" + algorithm + "'";

src/test/ruby/x509/dsa.crt

@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFmjCCBUECCQCyVP+siddScDAJBgcqhkjOOAQDMB4xCzAJBgNVBAYTAkRFMQ8w
+DQYDVQQHDAZCZXJsaW4wHhcNMjMwMzAzMTIyODQ2WhcNMjMwNDAyMTIyODQ2WjAe
+MQswCQYDVQQGEwJERTEPMA0GA1UEBwwGQmVybGluMIIExzCCAzoGByqGSM44BAEw
+ggMtAoIBgQDLKx9elgtAt8cgYcXWPIye512chP+wcJw4hDGjyHbtkdshsI4us/Sg
+FruQ8/aCwXDGOHgn/nDJQ5np3/3NiIXcWkBCcGfmbRjc3T2P/Umu3O6JaK9ejvpJ
+l7GQkZnQOrDE3VJz9/3hw7BqsbsEc5NW6ruefBwTI4EpEVxZrvKWa9K2eAeRqAGO
+u2tosdqoVnl08u/quu2WQ7XIdeY9otmeKdmwGStgFd3TzjfB3d98VcuQbkBfem6g
+HT26YyU+sLickWh7FqJkv8Nr9YgFRUEzxuKLa9gKXn1RIz71nPXaIvUfuFQNfnQf
+0rdmZULdXcHRnZFxwkPn6N+46tEhiLtCKEQ+bfx7o/mfd4WlhMAeCtu8pw7kthr0
+bLo/ZKlbl6JIV9O3kGd4QeghB1UzH8WbiyV/EZYy84XpJxfDWTeBJLquLE0M/kKa
++kb/QkEWcPptN62WtD3MVZhBhuZLQBcPXrKfgM3522jAWlL6ryK9sC1L4KULBPZ/
+XeIti2dEjD0CIQDjLh4LaF4hfd7BLvj/TRs9Eq+W94ekiIJFuCP1RtR/vwKCAYEA
+wqM29Tv5dl0IMKad/sX0Ui8ZqwUfudsSO5a3W8kv9ovxVzrfjjBIq2C8ysrI4bzQ
+lfk9fKhlEj7ZEjBkBaDoVfvD9oY1BzQxiCl9nmNQwW6drV+x6A6CnvZh3mNgrnMn
+TRUjdJEThjoaG+Z6yN2igEhPBjLrNOeh26CPzFu4r7tbFsjXUT1PDQkCD5yDSZLP
+sUWoGJgh9rgw1UWgKn9n6fKALRSbeM1Z4NfmQK65eOrhSitMmgrcSUV/0Cnntcfd
+PBYBYuuxzw7tO6exqKTMid7nRo0SjhRb/bCZmlsAnbTHdcYN2/tAyY3jt6aYuTXS
+bvzZ5gAPxjeYGLyaTJzXvCaYfAzpbC0Ks2Q2SkZLrxW6unS/pRXFPBtNxDTN+OfS
+PB4SErFyo8Xr2Do2CzigG5YLnTe+ELr31W5oY63PetE/OKoNVvSUDjFttt9MoDs7
+5kkzswVx/WsYfYOWll0/iINqteSSctQnQHzPMP2sLe4c3PomMve9bHyIBLDtWKhT
+A4IBhQACggGAbjm99bX6Y6gvMrF6QbfNsdXeQLwPWrfeET/3CuWdbM5smPDQXzal
+nM0tnZCDwOuLbT7PxDOHuw1oOMv5sYLupjblU8NoDGWzJAVeUKjfftuWptwrbgdh
+qkE+vHfmIduHHqHIl+ZMhS/F3C8/u6CctCy5sO/iYuIKzyYE//tZpf+jnVQ4j79m
+Sa4skFufzUDVu7CLWd4LYkHzjRXNBAnbjF0/WJKOdnCdYlSwkhPC3VqjBGOBlotb
+B8UE0XjKlx7LiSWEWCckLLo7WAU88d5ZXJhhJ4jeY8pYvYyRJ+hqh9sMORRs7I5V
+5K2ysI3QYIbXmhN4gHkl0J84TWQ4ZVkjKfyJYFDtyH8x13GCyaGYwRFVLlkSkxx3
+lKASIE3vdc8h5yUXlNjWoPtL9pPc9BqmtkKXEYtYkdDkkL/lYVJ0CV8R5wM+ccx4
+M2cyysvDFnRpe1uNlU/joC76In6I7pYQE9UOhVGxjyX2+ZqRXEgn924Rjbksfg7G
+AU389kgxJPhDMAkGByqGSM44BAMDSAAwRQIgH1GIKxmcIj27rVD9B2GhTNClelzW
+fCFwnp5AEY02RwsCIQDE0V6ITkW9xxaQz8/bjvlCmVTJtJFD9rtZVjWhmrIgqg==
+-----END CERTIFICATE-----

src/test/ruby/x509/ec.crt

@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE-----
+MIIBLDCB0gIJAJRzFaGbFWl5MAoGCCqGSM49BAMCMB4xCzAJBgNVBAYTAkRFMQ8w
+DQYDVQQHDAZCZXJsaW4wHhcNMjMwMzAzMTIxMzU4WhcNMjMwNDAyMTIxMzU4WjAe
+MQswCQYDVQQGEwJERTEPMA0GA1UEBwwGQmVybGluMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEtyX3CxW6sRambalSi0XwFLK4sIV7eJekaOX3hV05oGDl1umT84OL
+HHctC4+VcJ5R98gsDA9x8c8jT3o09yqarjAKBggqhkjOPQQDAgNJADBGAiEA9ALb
+jJ4w2bQ3QsxdneNYo1T3yUKjpPk4C2/wWpiU354CIQCAtuLX7Fwb2xfGXFzpOgK7
+OcwGN+Mb5xA9eR17/uq07Q==
+-----END CERTIFICATE-----

src/test/ruby/x509/rsa.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAnegAwIBAgIUMbWvdUeWTEuSK5ppK5B6S+7LzO0wDQYJKoZIhvcNAQEL
+BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y
+MDAxMjkxNTQzNTZaFw0yMzAxMjgxNTQzNTZaMFcxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM
+dGQxEDAOBgNVBAMMB2RlbW8uY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDOenkwnxjXDl7yD3Io23c+t777WOBNT+/XkElOCNCfp8ogbB6JVfZz2MW6
+MeNqfemnotsMM12OvnebL3QGHDVFFdsQ9Gnt3LaEttHhC/Xg8FSHk41g0D/guaJc
+XVhhgJBTW7hHl/vwCT8H/07z4ItGvILjttKCy89PqzxbodEoYNwNc/VSsQy9Eox/
+y2Z01EuiemcdvTMhZd6u8O5d5d0C52gbLmLeIkVmwOzOO7+9tJhEGcNJFGna4U5e
+Phu2Hk8PiI4B4VpvlXMIxpOJQWXrxnhwNRf6SSKWCEZOopH82YUPmILMPAiIubjI
+s2y2XwQXtt1Kj16RJriHngOn68gNAgMBAAGjUzBRMB0GA1UdDgQWBBS2JI9T0SRm
+8h3qTzcr8Do6eLpdRTAfBgNVHSMEGDAWgBS2JI9T0SRm8h3qTzcr8Do6eLpdRTAP
+BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAojDNYMlZaZvjr2CQX
+OBVSY6ZJjiKkI1c4Ihx1Dx7RqJeGYUnqwrzRU5HTlvAvLUHfFMIV9ahXeuRlpsJ5
+DY2kjTwtyTozF8IPPEwc8DQrFhuO2qaZOzvCbYWqO5uqx0TKxXN227xv85pHT2if
+7IwhJwKInQg1d56heZ6Isz0tFysXeY7NJZ3iYgBg7PsBTeDiAPAW3XvXY2naSXui
+vp12fnfcH7GF8QrcuCiqrgDfNASsfkONfCDBmOPJdLmxoGHcXxwORrGM2XQkPeAU
+c/exZclzK5ke4rWkm0DoC/soHkCPkwE7LFcS0Uzvmyb5ORPSycBVS5mS13cz7YAy
+L/wk
+-----END CERTIFICATE-----

src/test/ruby/x509/test_x509cert.rb

@@ -508,4 +508,22 @@ def test_cert_subject_hash
 EOF
     assert_equal '5ad8a5d6', cert.subject.hash.to_s(16)
   end
+
+  def test_ec_public_key
+    cert_string = File.read(File.expand_path('ec.crt', File.dirname(__FILE__)))
+    cert = OpenSSL::X509::Certificate.new(cert_string)
+    assert_same OpenSSL::PKey::EC, cert.public_key.class
+  end
+
+  def test_rsa_public_key
+    cert_string = File.read(File.expand_path('rsa.crt', File.dirname(__FILE__)))
+    cert = OpenSSL::X509::Certificate.new(cert_string)
+    assert_same OpenSSL::PKey::RSA, cert.public_key.class
+  end
+
+  def test_dsa_public_key
+    cert_string = File.read(File.expand_path('dsa.crt', File.dirname(__FILE__)))
+    cert = OpenSSL::X509::Certificate.new(cert_string)
+    assert_same OpenSSL::PKey::DSA, cert.public_key.class
+  end
 end