OpenSSL::X509::CertificateError: unsupported algorithm 'EC'
public_key at org/jruby/ext/openssl/X509Cert.java:514
<main> at -e:1
I noticed two things about X509Cert#public_key that I think are causing this:
When initializing the public key via X509Cert#initializePublicKey, only RSA and DSA are supported. See here and here.
X509Cert#public_key delegates to the certificate's public key's public_key method. This seems to work for OpenSSL::PKey::RSA and OpenSSL::PKey::DSA since their public_key methods return instances of OpenSSL::PKey::RSA and OpenSSL::PKey::DSA respectively (see here and here). But OpenSSL::PKey::EC's public_key method is documented as returning an OpenSSL::PKey::EC::Point (see here).
As far as I can tell, X509Cert#public_key should be returning an OpenSSL::PKey::EC in this case (That is also the behavior I see on MRI Ruby).
Dear JRuby folks,
When attempting to retrieve the EC public key of an X.509 certificate:
I am encountering the following error:
I noticed two things about X509Cert#public_key that I think are causing this:
X509Cert#initializePublicKey
, only RSA and DSA are supported. See here and here.X509Cert#public_key
delegates to the certificate's public key'spublic_key
method. This seems to work forOpenSSL::PKey::RSA
andOpenSSL::PKey::DSA
since theirpublic_key
methods return instances ofOpenSSL::PKey::RSA
andOpenSSL::PKey::DSA
respectively (see here and here). ButOpenSSL::PKey::EC
'spublic_key
method is documented as returning anOpenSSL::PKey::EC::Point
(see here).As far as I can tell,
X509Cert#public_key
should be returning anOpenSSL::PKey::EC
in this case (That is also the behavior I see on MRI Ruby).I took a shot at addressing this in https://github.com/jruby/jruby-openssl/pull/273. Please let me know if this is reasonable.
Thanks in advance for any advice/suggestions.