Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenSSL::X509::Certificate#to_text error #322

Open
segiddins opened this issue Dec 2, 2024 · 0 comments
Open

OpenSSL::X509::Certificate#to_text error #322

segiddins opened this issue Dec 2, 2024 · 0 comments

Comments

@segiddins
Copy link

Running the following:

#!/usr/bin/env ruby

require "rubygems"
require 'openssl'

pem = <<~PEM
  -----BEGIN CERTIFICATE-----
  MIIIMDCCB7agAwIBAgIUaUHXj0S4ZNEEjDxaXlzPw/VYQQ4wCgYIKoZIzj0EAwMw
  NzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRl
  cm1lZGlhdGUwHhcNMjMwOTI3MTYwNDQwWhcNMjMwOTI3MTYxNDQwWjAAMFkwEwYH
  KoZIzj0CAQYIKoZIzj0DAQcDQgAEad0Uh6twE3x8YAbfBme0T/G0V2xxIl0rw/uY
  8GfamPrQk3AzW9b/TwQMtipyTY2GAPDC7SVbZTxGBd6BtTWUmqOCBtUwggbRMA4G
  A1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUOizU
  dUPvmWDSB8LtOjpjyLNKgM0wHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4Y
  ZD8wgaUGA1UdEQEB/wSBmjCBl4aBlGh0dHBzOi8vZ2l0aHViLmNvbS9zaWdzdG9y
  ZS1jb25mb3JtYW5jZS9leHRyZW1lbHktZGFuZ2Vyb3VzLXB1YmxpYy1vaWRjLWJl
  YWNvbi8uZ2l0aHViL3dvcmtmbG93cy9leHRyZW1lbHktZGFuZ2Vyb3VzLW9pZGMt
  YmVhY29uLnltbEByZWZzL2hlYWRzL21haW4wOQYKKwYBBAGDvzABAQQraHR0cHM6
  Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTAfBgorBgEEAYO/
  MAECBBF3b3JrZmxvd19kaXNwYXRjaDA2BgorBgEEAYO/MAEDBChmZTdhZGU5MWY0
  YzRkNDZjZTc5ODg2ZmE4MGRmODAwNmEzZmFlOWUyMC0GCisGAQQBg78wAQQEH0V4
  dHJlbWVseSBkYW5nZXJvdXMgT0lEQyBiZWFjb24wSQYKKwYBBAGDvzABBQQ7c2ln
  c3RvcmUtY29uZm9ybWFuY2UvZXh0cmVtZWx5LWRhbmdlcm91cy1wdWJsaWMtb2lk
  Yy1iZWFjb24wHQYKKwYBBAGDvzABBgQPcmVmcy9oZWFkcy9tYWluMDsGCisGAQQB
  g78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50
  LmNvbTCBpgYKKwYBBAGDvzABCQSBlwyBlGh0dHBzOi8vZ2l0aHViLmNvbS9zaWdz
  dG9yZS1jb25mb3JtYW5jZS9leHRyZW1lbHktZGFuZ2Vyb3VzLXB1YmxpYy1vaWRj
  LWJlYWNvbi8uZ2l0aHViL3dvcmtmbG93cy9leHRyZW1lbHktZGFuZ2Vyb3VzLW9p
  ZGMtYmVhY29uLnltbEByZWZzL2hlYWRzL21haW4wOAYKKwYBBAGDvzABCgQqDChm
  ZTdhZGU5MWY0YzRkNDZjZTc5ODg2ZmE4MGRmODAwNmEzZmFlOWUyMB0GCisGAQQB
  g78wAQsEDwwNZ2l0aHViLWhvc3RlZDBeBgorBgEEAYO/MAEMBFAMTmh0dHBzOi8v
  Z2l0aHViLmNvbS9zaWdzdG9yZS1jb25mb3JtYW5jZS9leHRyZW1lbHktZGFuZ2Vy
  b3VzLXB1YmxpYy1vaWRjLWJlYWNvbjA4BgorBgEEAYO/MAENBCoMKGZlN2FkZTkx
  ZjRjNGQ0NmNlNzk4ODZmYTgwZGY4MDA2YTNmYWU5ZTIwHwYKKwYBBAGDvzABDgQR
  DA9yZWZzL2hlYWRzL21haW4wGQYKKwYBBAGDvzABDwQLDAk2MzI1OTY4OTcwNwYK
  KwYBBAGDvzABEAQpDCdodHRwczovL2dpdGh1Yi5jb20vc2lnc3RvcmUtY29uZm9y
  bWFuY2UwGQYKKwYBBAGDvzABEQQLDAkxMzE4MDQ1NjMwgaYGCisGAQQBg78wARIE
  gZcMgZRodHRwczovL2dpdGh1Yi5jb20vc2lnc3RvcmUtY29uZm9ybWFuY2UvZXh0
  cmVtZWx5LWRhbmdlcm91cy1wdWJsaWMtb2lkYy1iZWFjb24vLmdpdGh1Yi93b3Jr
  Zmxvd3MvZXh0cmVtZWx5LWRhbmdlcm91cy1vaWRjLWJlYWNvbi55bWxAcmVmcy9o
  ZWFkcy9tYWluMDgGCisGAQQBg78wARMEKgwoZmU3YWRlOTFmNGM0ZDQ2Y2U3OTg4
  NmZhODBkZjgwMDZhM2ZhZTllMjAhBgorBgEEAYO/MAEUBBMMEXdvcmtmbG93X2Rp
  c3BhdGNoMIGBBgorBgEEAYO/MAEVBHMMcWh0dHBzOi8vZ2l0aHViLmNvbS9zaWdz
  dG9yZS1jb25mb3JtYW5jZS9leHRyZW1lbHktZGFuZ2Vyb3VzLXB1YmxpYy1vaWRj
  LWJlYWNvbi9hY3Rpb25zL3J1bnMvNjMyODQ5OTI2My9hdHRlbXB0cy8xMBYGCisG
  AQQBg78wARYECAwGcHVibGljMIGJBgorBgEEAdZ5AgQCBHsEeQB3AHUA3T0wasbH
  ETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGK12KksgAABAMARjBEAiB/73GK
  v9a3CdW4uBkWhNw1W0YCeLuBLRi/Pv6yrASVpwIgOrK8L2ubaLnXSWAiK76oDmmJ
  1MaHKGanSuh13pxW4fgwCgYIKoZIzj0EAwMDaAAwZQIwaG18DfwChTX9hPA/WADa
  i9Wh9i3hESo5Nixoff/71AtMwETfBDu2MVN3lqo8o73NAjEAxed8hLxiJdxmZ3ZA
  XPOarzmFTZLPC794+i15i7RqInsZ49FtUVLjHuvccINZL63Y
  -----END CERTIFICATE-----
PEM

cert = OpenSSL::X509::Certificate.new(pem)
puts cert.to_text

Jruby-openssl 0.15.2:

OpenSSL::X509::ExtensionError: unknown tag 13 encountered
    value at org/jruby/ext/openssl/X509Extension.java:570
  to_text at org/jruby/ext/openssl/X509Cert.java:384
   <main> at Untitled.rb:57

MRI

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:41:d7:8f:44:b8:64:d1:04:8c:3c:5a:5e:5c:cf:c3:f5:58:41:0e
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: O=sigstore.dev, CN=sigstore-intermediate
        Validity
            Not Before: Sep 27 16:04:40 2023 GMT
            Not After : Sep 27 16:14:40 2023 GMT
        Subject: 
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:69:dd:14:87:ab:70:13:7c:7c:60:06:df:06:67:
                    b4:4f:f1:b4:57:6c:71:22:5d:2b:c3:fb:98:f0:67:
                    da:98:fa:d0:93:70:33:5b:d6:ff:4f:04:0c:b6:2a:
                    72:4d:8d:86:00:f0:c2:ed:25:5b:65:3c:46:05:de:
                    81:b5:35:94:9a
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                Code Signing
            X509v3 Subject Key Identifier: 
                3A:2C:D4:75:43:EF:99:60:D2:07:C2:ED:3A:3A:63:C8:B3:4A:80:CD
            X509v3 Authority Key Identifier: 
                DF:D3:E9:CF:56:24:11:96:F9:A8:D8:E9:28:55:A2:C6:2E:18:64:3F
            X509v3 Subject Alternative Name: critical
                URI:https://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon/.github/workflows/extremely-dangerous-oidc-beacon.yml@refs/heads/main
            1.3.6.1.4.1.57264.1.1: 
                https://token.actions.githubusercontent.com
            1.3.6.1.4.1.57264.1.2: 
                workflow_dispatch
            1.3.6.1.4.1.57264.1.3: 
                fe7ade91f4c4d46ce79886fa80df8006a3fae9e2
            1.3.6.1.4.1.57264.1.4: 
                Extremely dangerous OIDC beacon
            1.3.6.1.4.1.57264.1.5: 
                sigstore-conformance/extremely-dangerous-public-oidc-beacon
            1.3.6.1.4.1.57264.1.6: 
                refs/heads/main
            1.3.6.1.4.1.57264.1.8: 
                .+https://token.actions.githubusercontent.com
            1.3.6.1.4.1.57264.1.9: 
                ...https://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon/.github/workflows/extremely-dangerous-oidc-beacon.yml@refs/heads/main
            1.3.6.1.4.1.57264.1.10: 
                .(fe7ade91f4c4d46ce79886fa80df8006a3fae9e2
            1.3.6.1.4.1.57264.1.11: 
github-hosted   .
            1.3.6.1.4.1.57264.1.12: 
                .Nhttps://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon
            1.3.6.1.4.1.57264.1.13: 
                .(fe7ade91f4c4d46ce79886fa80df8006a3fae9e2
            1.3.6.1.4.1.57264.1.14: 
                ..refs/heads/main
            1.3.6.1.4.1.57264.1.15: 
                ..632596897
            1.3.6.1.4.1.57264.1.16: 
                .'https://github.com/sigstore-conformance
            1.3.6.1.4.1.57264.1.17: 
                ..131804563
            1.3.6.1.4.1.57264.1.18: 
                ...https://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon/.github/workflows/extremely-dangerous-oidc-beacon.yml@refs/heads/main
            1.3.6.1.4.1.57264.1.19: 
                .(fe7ade91f4c4d46ce79886fa80df8006a3fae9e2
            1.3.6.1.4.1.57264.1.20: 
                ..workflow_dispatch
            1.3.6.1.4.1.57264.1.21: 
                .qhttps://github.com/sigstore-conformance/extremely-dangerous-public-oidc-beacon/actions/runs/6328499263/attempts/1
            1.3.6.1.4.1.57264.1.22: 
                ..public
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DD:3D:30:6A:C6:C7:11:32:63:19:1E:1C:99:67:37:02:
                                A2:4A:5E:B8:DE:3C:AD:FF:87:8A:72:80:2F:29:EE:8E
                    Timestamp : Sep 27 16:04:40.754 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7F:EF:71:8A:BF:D6:B7:09:D5:B8:B8:19:
                                16:84:DC:35:5B:46:02:78:BB:81:2D:18:BF:3E:FE:B2:
                                AC:04:95:A7:02:20:3A:B2:BC:2F:6B:9B:68:B9:D7:49:
                                60:22:2B:BE:A8:0E:69:89:D4:C6:87:28:66:A7:4A:E8:
                                75:DE:9C:56:E1:F8
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:30:68:6d:7c:0d:fc:02:85:35:fd:84:f0:3f:58:00:
        da:8b:d5:a1:f6:2d:e1:11:2a:39:36:2c:68:7d:ff:fb:d4:0b:
        4c:c0:44:df:04:3b:b6:31:53:77:96:aa:3c:a3:bd:cd:02:31:
        00:c5:e7:7c:84:bc:62:25:dc:66:67:76:40:5c:f3:9a:af:39:
        85:4d:92:cf:0b:bf:78:fa:2d:79:8b:b4:6a:22:7b:19:e3:d1:
        6d:51:52:e3:1e:eb:dc:70:83:59:2f:ad:d8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant