[fix] cert subjectKeyId ext value generation

now that PKey#to_der is aligned we need to handle the
payload unpacking from ASN.1 for the public-key part
(this is the part we need to feed into the hash fn)

Author: kares

src/main/java/org/jruby/ext/openssl/PKey.java

@@ -41,6 +41,9 @@
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 
+import org.bouncycastle.asn1.ASN1InputStream;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1Sequence;
 import org.jruby.Ruby;
 import org.jruby.RubyClass;
 import org.jruby.RubyModule;
@@ -230,6 +233,16 @@ public IRubyObject sign(IRubyObject digest, IRubyObject data) {
         }
     }
 
+    public ASN1Primitive toASN1PublicInfo() throws IOException {
+        ASN1InputStream input = new ASN1InputStream(to_der().getBytes());
+
+        ASN1Primitive data = input.readObject();
+        if (data instanceof ASN1Sequence) {
+            return ((ASN1Sequence) data).getObjectAt(1).toASN1Primitive();
+        }
+        return data;
+    }
+
     static ByteList sign(final String signAlg, final PrivateKey privateKey, final ByteList data)
         throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
         Signature signature = SecurityHelper.getSignature(signAlg);

src/main/java/org/jruby/ext/openssl/PKeyDSA.java

@@ -40,6 +40,7 @@
 import java.security.spec.DSAPublicKeySpec;
 import java.security.spec.InvalidKeySpecException;
 
+import org.bouncycastle.asn1.ASN1Primitive;
 import org.jruby.Ruby;
 import org.jruby.RubyBoolean;
 import org.jruby.RubyClass;
@@ -62,8 +63,8 @@
 import static org.jruby.ext.openssl.OpenSSL.*;
 import static org.jruby.ext.openssl.impl.PKey.readDSAPrivateKey;
 import static org.jruby.ext.openssl.impl.PKey.readDSAPublicKey;
+import static org.jruby.ext.openssl.impl.PKey.toASN1Primitive;
 import static org.jruby.ext.openssl.impl.PKey.toDerDSAKey;
-import static org.jruby.ext.openssl.PKey._PKey;
 
 /**
  * @author <a href="mailto:[email protected]">Ola Bini</a>
@@ -317,6 +318,11 @@ public RubyString to_der() {
         return StringHelper.newString(getRuntime(), bytes);
     }
 
+    @Override
+    public ASN1Primitive toASN1PublicInfo() {
+        return toASN1Primitive(publicKey);
+    }
+
     @JRubyMethod
     public RubyString to_text() {
         StringBuilder result = new StringBuilder();

src/main/java/org/jruby/ext/openssl/PKeyRSA.java

@@ -50,6 +50,7 @@
 
 import static javax.crypto.Cipher.*;
 
+import org.bouncycastle.asn1.ASN1Primitive;
 import org.jruby.Ruby;
 import org.jruby.RubyClass;
 import org.jruby.RubyBignum;
@@ -71,9 +72,9 @@
 import org.jruby.ext.openssl.impl.CipherSpec;
 import org.jruby.ext.openssl.x509store.PEMInputOutput;
 import static org.jruby.ext.openssl.OpenSSL.*;
-import static org.jruby.ext.openssl.PKey._PKey;
 import static org.jruby.ext.openssl.impl.PKey.readRSAPrivateKey;
 import static org.jruby.ext.openssl.impl.PKey.readRSAPublicKey;
+import static org.jruby.ext.openssl.impl.PKey.toASN1Primitive;
 import static org.jruby.ext.openssl.impl.PKey.toDerRSAKey;
 
 /**
@@ -371,6 +372,11 @@ public RubyString to_der() {
         return StringHelper.newString(getRuntime(), bytes);
     }
 
+    @Override
+    public ASN1Primitive toASN1PublicInfo() {
+        return toASN1Primitive(publicKey);
+    }
+
     @JRubyMethod
     public PKeyRSA public_key() {
         return new PKeyRSA(getRuntime(), this.publicKey);

src/main/java/org/jruby/ext/openssl/X509ExtensionFactory.java

@@ -47,6 +47,7 @@
 import org.jruby.RubyObject;
 import org.jruby.RubyString;
 import org.jruby.anno.JRubyMethod;
+import org.jruby.exceptions.RaiseException;
 import org.jruby.runtime.Arity;
 import org.jruby.runtime.Block;
 import org.jruby.runtime.ObjectAllocator;
@@ -431,14 +432,23 @@ private byte[] issuerPublicKeyIdentifier(final ThreadContext context) {
 
     private byte[] publicKeyIdentifier(final ThreadContext context, final IRubyObject pkey) {
         final Ruby runtime = context.runtime;
-        IRubyObject der;
-        if (pkey instanceof PKeyRSA) {
-            der = pkey.callMethod(context, "to_der");
+        ByteList encoded;
+        if (pkey instanceof PKeyRSA || pkey instanceof PKeyDSA) {
+            try {
+                ASN1Primitive info = ((PKey) pkey).toASN1PublicInfo();
+                encoded = new ByteList(info.getEncoded(), false);
+            } catch (IOException ex) {
+                RaiseException error = context.runtime.newRuntimeError(ex.toString());
+                error.initCause(ex);
+                throw error;
+            }
         } else {
-            der = ASN1.decode(context, ASN1._ASN1(runtime), pkey.callMethod(context, "to_der"));
+            IRubyObject der = ASN1.decode(context, ASN1._ASN1(runtime), pkey.callMethod(context, "to_der"));
             der = der.callMethod(context, "value").callMethod(context, "[]", runtime.newFixnum(1)).callMethod(context, "value");
+            encoded = der.asString().getByteList();
         }
-        return getSHA1Digest(runtime, der.asString().getByteList());
+
+        return getSHA1Digest(runtime, encoded);
     }
 
     private IRubyObject getSubjectPublicKey(final ThreadContext context) {

src/main/java/org/jruby/ext/openssl/impl/PKey.java

@@ -54,6 +54,7 @@
 import java.security.spec.X509EncodedKeySpec;
 import javax.crypto.spec.DHParameterSpec;
 
+import org.bouncycastle.asn1.ASN1Encodable;
 import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Encoding;
 import org.bouncycastle.asn1.ASN1InputStream;
@@ -311,12 +312,9 @@ public static KeyPair readECPrivateKey(final KeyFactory ecFactory, final byte[]
 
     public static byte[] toDerRSAKey(RSAPublicKey pubKey, RSAPrivateCrtKey privKey) throws IOException {
         if ( pubKey != null && privKey == null ) {
-            ASN1EncodableVector vec = new ASN1EncodableVector();
-            vec.add(new ASN1Integer(pubKey.getModulus()));
-            vec.add(new ASN1Integer(pubKey.getPublicExponent()));
             // pubKey.getEncoded() :
             return KeyUtil.getEncodedSubjectPublicKeyInfo(
-                new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new DERSequence(vec)
+                new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), toASN1Primitive(pubKey)
             );
         }
         ASN1EncodableVector vec = new ASN1EncodableVector();
@@ -332,16 +330,28 @@ public static byte[] toDerRSAKey(RSAPublicKey pubKey, RSAPrivateCrtKey privKey)
         return new DERSequence(vec).toASN1Primitive().getEncoded(ASN1Encoding.DER);
     }
 
+    public static ASN1Sequence toASN1Primitive(RSAPublicKey pubKey) {
+        ASN1EncodableVector vec = new ASN1EncodableVector();
+        vec.add(new ASN1Integer(pubKey.getModulus()));
+        vec.add(new ASN1Integer(pubKey.getPublicExponent()));
+        return new DERSequence(vec);
+    }
+
     public static byte[] toDerDSAKey(DSAPublicKey pubKey, DSAPrivateKey privKey) throws IOException {
         if ( pubKey != null && privKey == null ) {
             // pubKey.getEncoded() :
             final DSAParams params = pubKey.getParams();
             if (params == null) {
-                return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa),
-                        new ASN1Integer(pubKey.getY())).getEncoded(ASN1Encoding.DER);
+                return new SubjectPublicKeyInfo(
+                        new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa),
+                        toASN1Primitive(pubKey)
+                ).getEncoded(ASN1Encoding.DER);
             }
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
-                    new DSAParameter(params.getP(), params.getQ(), params.getG())), new ASN1Integer(pubKey.getY())
+            return new SubjectPublicKeyInfo(
+                    new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
+                            new DSAParameter(params.getP(), params.getQ(), params.getG())
+                    ),
+                    toASN1Primitive(pubKey)
             ).getEncoded(ASN1Encoding.DER);
         }
         if ( privKey != null && pubKey != null ) {
@@ -359,11 +369,17 @@ public static byte[] toDerDSAKey(DSAPublicKey pubKey, DSAPrivateKey privKey) thr
             throw new IllegalArgumentException("private key as well as public key are null");
         }
         final DSAParams params = privKey.getParams();
-        return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
-                new DSAParameter(params.getP(), params.getQ(), params.getG())), new ASN1Integer(privKey.getX())
+        return new PrivateKeyInfo(
+                new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
+                        new DSAParameter(params.getP(), params.getQ(), params.getG())),
+                new ASN1Integer(privKey.getX())
         ).getEncoded(ASN1Encoding.DER);
     }
 
+    public static ASN1Primitive toASN1Primitive(DSAPublicKey pubKey) {
+        return new ASN1Integer(pubKey.getY());
+    }
+
     public static byte[] toDerDHKey(BigInteger p, BigInteger g) throws IOException {
         ASN1EncodableVector vec = new ASN1EncodableVector();
         if ( p != null ) vec.add( new ASN1Integer(p) );

src/test/ruby/x509/test_x509ext.rb

@@ -126,6 +126,57 @@ def test_to_der_is_the_same_for_non_critical
     assert ext1.to_der != ext2.to_der
   end
 
+  def test_subject_key_identifier_hash
+    #key = Fixtures.pkey("rsa1024")
+    key = OpenSSL::PKey::RSA.new(1024)
+    subject = "/C=FR/ST=IDF/L=PARIS/O=Company/CN=myhost.example"
+    cert = OpenSSL::X509::Certificate.new
+    cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
+
+    cert.not_before = now = Time.new(2020)
+    cert.not_after = now + 5 * 365 * 24 * 60 * 60
+    cert.public_key = key.public_key
+    cert.serial = 0x0
+    cert.version = 2
+
+    ef = OpenSSL::X509::ExtensionFactory.new
+    ef.subject_certificate = ef.issuer_certificate = cert
+
+    cert.add_extension ef.create_extension('basicConstraints', 'CA:FALSE', true)
+    cert.add_extension ef.create_extension('keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
+
+    sequence = rsa_key_seq(cert.public_key)
+    pp sequence if $DEBUG
+
+    cert.add_extension ef.create_extension('subjectKeyIdentifier', 'hash')
+    cert.add_extension ef.create_extension('authorityKeyIdentifier', 'keyid:always,issuer:always')
+
+    cert.sign key, OpenSSL::Digest::SHA256.new
+
+    assert_equal 4, cert.extensions.size
+    assert_equal 'subjectKeyIdentifier', cert.extensions[2].oid
+
+    assert_equal rsa_key_id(cert.public_key), cert.extensions[2].value
+    #assert_equal "D1:FE:F9:FB:F8:AE:1B:C1:60:CB:FA:03:E2:59:6D:D8:73:08:92:13", rsa_key_id(cert.public_key)
+    #assert_equal "D1:FE:F9:FB:F8:AE:1B:C1:60:CB:FA:03:E2:59:6D:D8:73:08:92:13", cert.extensions[2].value
+
+    # keyid:...\nDirName:/C=FR/ST=IDF/L=PARIS/O=Company/CN=myhost.example\nserial:00\n
+    auth_key_id_value = cert.extensions[3].value
+    key_id, dir_name, serial = auth_key_id_value.split("\n")
+    # assert_equal 'keyid:' + rsa_key_id(key), key_id
+    # assert_equal "DirName:#{subject}", dir_name
+    # assert_equal 'serial:00', serial
+  end
+
+  def rsa_key_seq(public_key)
+    OpenSSL::ASN1::Sequence [ OpenSSL::ASN1::Integer.new(public_key.n), OpenSSL::ASN1::Integer.new(public_key.e) ]
+  end
+
+  def rsa_key_id(public_key)
+    key_id = OpenSSL::Digest::SHA1.hexdigest(rsa_key_seq(public_key).to_der)
+    key_id.scan(/../).join(':').upcase
+  end
+
   def test_subject_alt_name_sign_to_pem
     domain_list = 'test.example.com,test2.example.com,example.com,www.example.com'