to_der on ASN1Data should convert ruby strings into java strings before encoding

HoneyryderChuck · HoneyryderChuck · commit d2b2384373ea · 2025-04-30T17:43:12.000+01:00
diff --git a/src/main/java/org/jruby/ext/openssl/ASN1.java b/src/main/java/org/jruby/ext/openssl/ASN1.java
@@ -1357,6 +1357,10 @@ boolean isEOC() {
             return "EndOfContent".equals( getClassBaseName() );
         }
 
+        boolean isUniversal(final ThreadContext context) {
+            return "ASN1Data".equals(getClassBaseName()) && getTagClass(context) == 0;
+        }
+
         IRubyObject tagging() {
             return getInstanceVariable("@tagging");
         }
@@ -1395,16 +1399,50 @@ final ASN1TaggedObject toASN1TaggedObject(final ThreadContext context) {
 
             final IRubyObject value = callMethod(context, "value");
             if (value instanceof RubyArray) {
+                // Cruby openssl joins elements of array and casts to string
                 final RubyArray arr = (RubyArray) value;
-                assert ! arr.isEmpty();
 
+                String values = new String();
                 ASN1EncodableVector vec = new ASN1EncodableVector();
+
                 for (final IRubyObject obj : arr.toJavaArray()) {
-                    ASN1Encodable data = ((ASN1Data) obj).toASN1(context);
-                    if ( data == null ) break;
-                    vec.add( data );
+                    if (obj instanceof ASN1Data) {
+                        ASN1Encodable data = ((ASN1Data) obj).toASN1(context);
+                        if (data == null) break;
+                        vec.add(data);
+                    } else {
+                        final IRubyObject string = obj.checkStringType();
+                        if (string instanceof RubyString) {
+                            values = values.concat(string.asJavaString());
+                        } else {
+                            throw context.runtime.newTypeError(
+                                    "no implicit conversion of " + obj.getMetaClass().getBaseName() + " into String");
+                        }
+                    }
                 }
-                return new DERTaggedObject(isExplicitTagging(), tag, new DERSequence(vec));
+
+                if (vec.size() > 0) {
+                    // array of asn1 objects as value
+                    return new DERTaggedObject(isExplicitTagging(), tag, new DERSequence(vec));
+                }
+
+                // array of strings as value (default)
+                return new DERTaggedObject(isExplicitTagging(), tagClass, tag,
+                        new DERGeneralString(values));
+            } else if (value instanceof ASN1Data) {
+                return new DERTaggedObject(isExplicitTagging(), tagClass, tag, ((ASN1Data) value).toASN1(context));
+            } else if (value instanceof RubyObject) {
+                final IRubyObject string = value.checkStringType();
+                if (string instanceof RubyString) {
+                    return new DERTaggedObject(isExplicitTagging(), tagClass, tag,
+                            new DERGeneralString(string.asJavaString()));
+                } else {
+                    throw context.runtime.newTypeError(
+                            "no implicit conversion of " + value.getMetaClass().getBaseName() + " into String");
+                }
+            } else {
+                throw context.runtime.newTypeError(
+                        "no implicit conversion of " + value.getMetaClass().getBaseName() + " into String");
             }
 
             if (!(value instanceof ASN1Data)) {
@@ -1426,6 +1464,40 @@ public IRubyObject to_der(final ThreadContext context) {
 
         byte[] toDER(final ThreadContext context) throws IOException {
             if ( isEOC() ) return new byte[] { 0x00, 0x00 };
+
+            if (isUniversal(context)) {
+                // handstitch conversion
+                final java.io.ByteArrayOutputStream out = new ByteArrayOutputStream();
+                final IRubyObject value = callMethod(context, "value");
+
+                final byte[] valueBytes;
+                if (value instanceof RubyArray) {
+                    String values = new String();
+                    final RubyArray arr = (RubyArray) value;
+                    for (final IRubyObject obj : arr.toJavaArray()) {
+                        final IRubyObject string = value.checkStringType();
+                        if (string instanceof RubyString) {
+                            values = values + string;
+                        } else {
+                            throw context.runtime.newTypeError(
+                                    "no implicit conversion of " + obj.getMetaClass().getBaseName() + " into String");
+                        }
+                    }
+                    valueBytes = values.getBytes();
+                } else {
+                    final IRubyObject string = value.checkStringType();
+                    if (string instanceof RubyString) {
+                        valueBytes = ((RubyString) string).getBytes();
+                    } else {
+                        throw context.runtime.newTypeError(
+                                "no implicit conversion of " + value.getMetaClass().getBaseName() + " into String");
+                    }
+                }
+                out.write(getTag(context));
+                out.write(valueBytes.length);
+                out.write(valueBytes);
+                return out.toByteArray();
+            }
             return toASN1(context).toASN1Primitive().getEncoded(ASN1Encoding.DER);
         }
 
@@ -1619,6 +1691,11 @@ boolean isEOC() {
             return false;
         }
 
+        @Override
+        boolean isUniversal(final ThreadContext context) {
+            return false;
+        }
+
         private boolean isNull() {
             return "Null".equals(getMetaClass().getRealClass().getBaseName());
         }
diff --git a/src/test/ruby/test_asn1.rb b/src/test/ruby/test_asn1.rb
@@ -251,6 +251,36 @@ def test_null
     }
   end
 
+  def test_encode_asn1_data
+    ai = OpenSSL::ASN1::ASN1Data.new(i = "bla", 0, :APPLICATION)
+    ai2 = OpenSSL::ASN1.decode(ai.to_der)
+    assert_equal :APPLICATION, ai2.tag_class
+    assert_equal 0, ai2.tag
+    assert_equal i, ai2.value
+
+    ai = OpenSSL::ASN1::ASN1Data.new(i = "bla", 4, :UNIVERSAL)
+    ai2 = OpenSSL::ASN1.decode(ai.to_der)
+    assert_equal :UNIVERSAL, ai2.tag_class
+    assert_equal 4, ai2.tag
+    assert_equal i, ai2.value
+
+    ai = OpenSSL::ASN1::ASN1Data.new(i = ["bla"], 0, :APPLICATION)
+    ai2 = OpenSSL::ASN1.decode(ai.to_der)
+    assert_equal :APPLICATION, ai2.tag_class
+    assert_equal 0, ai2.tag
+    assert_equal "bla", ai2.value
+
+    ai = OpenSSL::ASN1::ASN1Data.new(i = ["bla", "bla"], 0, :APPLICATION)
+    ai2 = OpenSSL::ASN1.decode(ai.to_der)
+    assert_equal :APPLICATION, ai2.tag_class
+    assert_equal 0, ai2.tag
+    assert_equal "blabla", ai2.value
+
+    assert_raise(ArgumentError) { OpenSSL::ASN1::ASN1Data.new(1).to_der }
+    assert_raise("no implicit conversion of Integer into String") { OpenSSL::ASN1::ASN1Data.new(1, 0, :APPLICATION).to_der }
+    assert_raise("no implicit conversion of Integer into String") { OpenSSL::ASN1::ASN1Data.new(1, 0, :CONTEXT_SPECIFIC).to_der }
+  end
+
   def test_encode_nil
     #Primitives raise TypeError, Constructives NoMethodError
 
