From ab355cad013d1da2637439aeadda43924a85c7c7 Mon Sep 17 00:00:00 2001 From: kares Date: Thu, 4 Apr 2024 19:44:30 +0200 Subject: [PATCH] [fix] raise PKeyError from PKey.read when no key (#285) --- src/main/java/org/jruby/ext/openssl/PKey.java | 10 ++++++---- .../java/org/jruby/ext/openssl/impl/PKey.java | 15 +++------------ src/test/ruby/test_pkey.rb | 16 ++++++++++++++++ 3 files changed, 25 insertions(+), 16 deletions(-) diff --git a/src/main/java/org/jruby/ext/openssl/PKey.java b/src/main/java/org/jruby/ext/openssl/PKey.java index 5191dac4..02511a58 100644 --- a/src/main/java/org/jruby/ext/openssl/PKey.java +++ b/src/main/java/org/jruby/ext/openssl/PKey.java @@ -141,13 +141,13 @@ public static IRubyObject read(final ThreadContext context, IRubyObject recv, IR PublicKey pubKey = null; try { pubKey = PEMInputOutput.readRSAPublicKey(new StringReader(str.toString()), null); - return new PKeyRSA(runtime, (RSAPublicKey) pubKey); + if (pubKey != null) return new PKeyRSA(runtime, (RSAPublicKey) pubKey); } catch (IOException e) { debugStackTrace(runtime, "PKey readRSAPublicKey", e); /* ignore */ } try { pubKey = PEMInputOutput.readDSAPublicKey(new StringReader(str.toString()), null); - return new PKeyDSA(runtime, (DSAPublicKey) pubKey); + if (pubKey != null) return new PKeyDSA(runtime, (DSAPublicKey) pubKey); } catch (IOException e) { debugStackTrace(runtime, "PKey readDSAPublicKey", e); /* ignore */ } @@ -163,7 +163,9 @@ public static IRubyObject read(final ThreadContext context, IRubyObject recv, IR if (pubKey == null) { try { pubKey = PEMInputOutput.readPubKey(new StringReader(str.toString())); - } catch (IOException e) { /* ignore */ } + } catch (IOException e) { + debugStackTrace(runtime, "PKey readPubKey", e); /* ignore */ + } } if (pubKey != null) { @@ -178,7 +180,7 @@ public static IRubyObject read(final ThreadContext context, IRubyObject recv, IR } } - throw runtime.newArgumentError("Could not parse PKey"); + throw newPKeyError(runtime, "Could not parse PKey: unsupported"); } private static String getAlgorithm(final KeyPair key) { diff --git a/src/main/java/org/jruby/ext/openssl/impl/PKey.java b/src/main/java/org/jruby/ext/openssl/impl/PKey.java index 686b1f27..847cbedc 100644 --- a/src/main/java/org/jruby/ext/openssl/impl/PKey.java +++ b/src/main/java/org/jruby/ext/openssl/impl/PKey.java @@ -132,24 +132,15 @@ public static KeyPair readPrivateKey(final Type type, final PrivateKeyInfo keyIn } // d2i_PUBKEY_bio - public static PublicKey readPublicKey(byte[] input) throws IOException, - NoSuchAlgorithmException, InvalidKeySpecException { + public static PublicKey readPublicKey(byte[] input) throws IOException, NoSuchAlgorithmException { PublicKey key = null; try { key = readRSAPublicKey(input); - } - catch (NoSuchAlgorithmException e) { throw e; /* should not happen */ } - catch (InvalidKeySpecException e) { - // ignore - } + } catch (InvalidKeySpecException e) { /* ignore */ } if (key == null) { try { key = readDSAPublicKey(input); - } - catch (NoSuchAlgorithmException e) { throw e; /* should not happen */ } - catch (InvalidKeySpecException e) { - // ignore - } + } catch (InvalidKeySpecException e) { /* ignore */ } } return key; } diff --git a/src/test/ruby/test_pkey.rb b/src/test/ruby/test_pkey.rb index 5bcf50c3..076d9f15 100644 --- a/src/test/ruby/test_pkey.rb +++ b/src/test/ruby/test_pkey.rb @@ -28,6 +28,22 @@ def test_pkey_read_pkcs8_and_check_with_cert assert_true cert.check_private_key(pkey) end + def test_pkey_pem_file_error + begin + ret = OpenSSL::PKey.read('not a PEM file') + fail "expected OpenSSL::PKey.read to raise (got: #{ret.inspect})" + rescue OpenSSL::PKey::PKeyError => e + assert_equal 'Could not parse PKey: unsupported', e.message + end + + begin + ret = OpenSSL::PKey::RSA.new('not a PEM file') + fail "expected OpenSSL::PKey::RSA.new to raise (got: #{ret.inspect})" + rescue OpenSSL::PKey::RSAError + assert true + end + end + def test_to_java pkey = OpenSSL::PKey.read(KEY) assert_kind_of java.security.PublicKey, pkey.to_java