Closed jamis closed 2 months ago
I ran into the same issue, I have a repro script that succeeds on mri and truffleruby and fails on jruby 9.4:
#!/usr/bin/env ruby
require 'openssl'
ENV["MT_NO_PLUGINS"] = "1" # Work around autoloading of plugins
require 'minitest/autorun'
class T < Minitest::Test
make_my_diffs_pretty!
def test_round_trip
pem = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEXsz3SZXFb8jMV42j6pJlyjbjR8K\nN3Bwocexq6LMIb5qsWKOQvLN16NUefLc4HswOoumRsVVaajSpQS6fobkRw==\n-----END PUBLIC KEY-----\n"
key = OpenSSL::PKey.read(pem)
assert_equal pem, key.to_pem
end
end
thank you both - much appreciated. I dag in and found the cause to have happened in 0.14.1 namely the changes from https://github.com/jruby/jruby-openssl/pull/267 are causing the issue, specifically: https://github.com/jruby/jruby-openssl/commit/a7994b3ba17db9a49f0ef4b64bfc8df2a88e7bc9#diff-c007f003c44fb9a713d8e8e9c78b80196499ad88a01e43787165a7dde8664367R355
I'm trying to build a (signed) gem, but with JOpenSSL 0.14.2 the cert check fails during build. This works on JOpenSSL 0.12.2. I've narrowed it down to a consistently reproducible and minimal script, but I'm also fairly weak in OpenSSL and may be doing something wrong.
To reproduce the issue
gem cert
for this, for convenience, but the issue occurs even if I use theopenssl
CLI to generate this.(Have to use MRI ruby for this; trying to run this command with JRuby results in an error.)
Running with MRI 3.1.4:
Running with JRuby 9.2.21:
Running with JRuby 9.3.13:
Running with JRuby 9.4.5:
As seen in the output, JRuby 9.3.13 and 9.4.5 fail to check to the private key (returning
false
). MRI and JRuby 9.2.21 succeed (returningtrue
).Possibly relevant: if I get the public key from the private key and convert it to PEM, the resulting key is empty on JRuby 9.3.13 and 9.4.5: