Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 5e4f2c4de3a2
Choose a base ref
...
head repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 2ea071d3bf3d
Choose a head ref
  • 3 commits
  • 2 files changed
  • 1 contributor

Commits on Dec 31, 2015

  1. Copy the full SHA
    0bd2bd4 View commit details
  2. Copy the full SHA
    29ae9bc View commit details
  3. Copy the full SHA
    2ea071d View commit details
Showing with 50 additions and 10 deletions.
  1. +19 −10 src/main/java/org/jruby/ext/openssl/X509Cert.java
  2. +31 −0 src/test/ruby/x509/test_x509cert.rb
29 changes: 19 additions & 10 deletions src/main/java/org/jruby/ext/openssl/X509Cert.java
Original file line number Diff line number Diff line change
@@ -310,11 +310,23 @@ public IRubyObject to_text(final ThreadContext context) {

text.append("Certificate:\n");
text.append(S20,0,4).append("Data:\n");
final int version = RubyNumeric.fix2int(this.version);
final int version = this.version == null ? 0 : RubyNumeric.fix2int(this.version);
text.append(S20,0,8).append("Version: ").append( version + 1 ).
append(" (0x").append( Integer.toString( version, 16 ) ).append(")\n");
text.append(S20,0,8).append("Serial Number:\n");
text.append(S20,0,12).append( lowerHexBytes(serial.toByteArray(), 1) ).append('\n');
// <= 0x1122334455667788 printed on same line as :
// Serial Number: 1234605616436508552 (0x1122334455667788)
// but 0x112233445566778899 ends up :
// Serial Number:
// 11:22:33:44:55:66:77:88:99
text.append(S20,0,8).append("Serial Number:");
if ( serial.compareTo( new BigInteger("FFFFFFFFFFFFFFFF", 16) ) > 0 ) {
text.append('\n');
text.append(S20,0,12).append( lowerHexBytes(serial.toByteArray(), 1) ).append('\n');
}
else {
text.append(' ').append(serial.toString(10)).append(' ');
text.append('(').append("0x").append(serial.toString(16)).append(')').append('\n');
}

text.append(S20,0,4).append("Signature Algorithm: ").append( signature_algorithm() ).append('\n');
//final RubyString issuer = issuer().asString(); ByteList bytes = issuer.getByteList();
@@ -382,12 +394,12 @@ public IRubyObject inspect() {

@JRubyMethod
public IRubyObject version() {
return version;
return version != null ? version : ( version = getRuntime().newFixnum(0) );
}

@JRubyMethod(name = "version=")
public IRubyObject set_version(final IRubyObject version) {
if ( ! version.equals(this.version) ) {
if ( ! version().equals(version) ) {
this.changed = true;
}
return this.version = version;
@@ -409,17 +421,14 @@ public IRubyObject serial() {

@JRubyMethod(name = "serial=")
public IRubyObject set_serial(final IRubyObject serial) {
if ( ! serial.equals(this.serial) ) {
this.changed = true;
}

final String serialStr = serial.toString();
final String serialStr = serial.asString().toString();
final BigInteger serialInt;
if ( serialStr.equals("0") ) { // MRI compatibility: allow 0 serial number
serialInt = BigInteger.ONE;
} else {
serialInt = new BigInteger(serialStr);
}
this.changed = ! serialInt.equals(this.serial);
//generator.setSerialNumber( serialInt.abs() );
this.serial = serialInt; return serial;
}
31 changes: 31 additions & 0 deletions src/test/ruby/x509/test_x509cert.rb
Original file line number Diff line number Diff line change
@@ -275,6 +275,37 @@ def test_to_text_regression
assert cert.to_text.index('Signature Algorithm: sha256WithRSAEncryption')
end

def test_to_text_npe_regression
# https://github.com/jruby/jruby-openssl/issues/78
key = OpenSSL::PKey::RSA.generate(2048)

issuer = subject = OpenSSL::X509::Name.new
subject.add_entry('C', 'JP')
subject.add_entry('ST', 'Tokyo')
subject.add_entry('L', 'Chiyoda')
subject.add_entry('CN', 'demo.example.com')

digest = OpenSSL::Digest::SHA1.new

cert = OpenSSL::X509::Certificate.new
cert.not_before = Time.at(0)
cert.not_after = Time.now + 5 * 365 * 86400 # 5 years after
cert.public_key = key
cert.serial = 1
cert.issuer = issuer
cert.subject = subject
cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(true)]))
cert.sign(key, digest)

assert cert.to_text.index('Version: 1 (0x0)')
assert cert.to_text.index('Serial Number: 1 (0x1)')
# TODO
#assert cert.to_text.index('Issuer: C=JP, ST=Tokyo, L=Chiyoda, CN=demo.example.com')

assert_equal 0, cert.version
assert_equal OpenSSL::BN.new(1), cert.serial
end

def test_cert_loading_regression
cert_text = "0\x82\x01\xAD0\x82\x01\xA1\xA0\x03\x02\x01\x02\x02\x01\x010\x03\x06\x01\x000g1\v0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\b\f\nCalifornia1\x150\x13\x06\x03U\x04\a\f\fSanta Monica1\x110\x0F\x06\x03U\x04\n\f\bOneLogin1\x190\x17\x06\x03U\x04\x03\f\x10app.onelogin.com0\x1E\x17\r100309095845Z\x17\r150309095845Z0g1\v0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\b\f\nCalifornia1\x150\x13\x06\x03U\x04\a\f\fSanta Monica1\x110\x0F\x06\x03U\x04\n\f\bOneLogin1\x190\x17\x06\x03U\x04\x03\f\x10app.onelogin.com0\x81\x9F0\r\x06\t*\x86H\x86\xF7\r\x01\x01\x01\x05\x00\x03\x81\x8D\x000\x81\x89\x02\x81\x81\x00\xE8\xD2\xBBW\xE3?/\x1D\xE7\x0E\x10\xC8\xBD~\xCD\xDE!#\rL\x92G\xDF\xE1f?L\xB1\xBC9\x99\x14\xE5\x84\xD2Zi\x87<>d\xBD\x81\xF9\xBA\x85\xD2\xFF\xAA\x90\xF3Z\x97\xA5\x1D\xB0W\xC0\x93\xA3\x06IP\xB84\xF5\xD7Qu\x19\xFCB\xCA\xA3\xD4\\\x8E\v\x9B%\x13|\xB6m\x9D\xA8\x16\xE6\xBB\xDA\x87\xFF\xE3\xD7\xE9\xBA9\xC5O\xA2\xA7C\xADB\x04\xCA\xA5\x0E\x84\xD0\xA8\xE4\xFA\xDA\xF1\x89\xF2s\xFA1\x95\xAF\x03\xAB1\xAA\xE7y\x02\x03\x01\x00\x010\x03\x06\x01\x00\x03\x01\x00"
assert cert = OpenSSL::X509::Certificate.new(cert_text)