[feat] implement Netscape::SPKI#to_text

Author: kares

src/main/java/org/jruby/ext/openssl/NetscapeSPKI.java

@@ -45,6 +45,7 @@
 import org.jruby.RubyClass;
 import org.jruby.RubyModule;
 import org.jruby.RubyObject;
+import org.jruby.RubyString;
 import org.jruby.anno.JRubyMethod;
 import org.jruby.exceptions.RaiseException;
 import org.jruby.ext.openssl.impl.Base64;
@@ -163,9 +164,63 @@ private byte[] toDER() throws IOException {
     }
 
     @JRubyMethod
-    public IRubyObject to_text() {
-        warn(getRuntime().getCurrentContext(), "WARNING: unimplemented method called: Netscape::SPKI#to_text");
-        return getRuntime().getNil();
+    public IRubyObject to_text(ThreadContext context) {
+        final Ruby runtime = context.runtime;
+
+        final StringBuilder text = new StringBuilder(256);
+        text.append("Netscape SPKI:\n");
+
+        final NetscapeCertRequest cert = (NetscapeCertRequest) this.cert;
+        if (cert == null) return StringHelper.newString(runtime, text);
+
+        // public key algorithm
+        final AlgorithmIdentifier keyAlg = cert.getKeyAlgorithm();
+        final String keyAlgName = resolveAlgorithmName(runtime, keyAlg);
+        text.append("  Public Key Algorithm: ").append(keyAlgName).append('\n');
+
+        if (public_key instanceof PKey) {
+            try {
+                final RubyString keyText = ((PKey) public_key).to_text();
+                for (CharSequence line : StringHelper.split(keyText, '\n')) {
+                    text.append("    ").append(line).append('\n');
+                }
+            } catch (Exception e) {
+                text.append("    Unable to load public key\n");
+            }
+        }
+
+        final String challenge = cert.getChallenge();
+        if (challenge != null && !challenge.isEmpty()) {
+            text.append("  Challenge String: ").append(challenge).append('\n');
+        }
+
+        final AlgorithmIdentifier sigAlg = cert.getSigningAlgorithm();
+        final String sigAlgName = resolveAlgorithmName(runtime, sigAlg);
+        text.append("  Signature Algorithm: ").append(sigAlgName);
+
+        // signature bytes as hex with : separators, 18 bytes per line
+        final byte[] sig = cert.getSignatureBits();
+        if (sig != null) {
+            for (int i = 0; i < sig.length; i++) {
+                if (i % 18 == 0) text.append("\n      ");
+                text.append(String.format("%02x", sig[i] & 0xFF));
+                if (i + 1 < sig.length) text.append(':');
+            }
+        }
+        text.append('\n');
+
+        return StringHelper.newString(runtime, text);
+    }
+
+    private static String resolveAlgorithmName(final Ruby runtime, final AlgorithmIdentifier algId) {
+        if (algId == null) return null;
+        try {
+            final String name = ASN1.oid2name(runtime, algId.getAlgorithm(), true);
+            if (name != null) return name;
+        } catch (RuntimeException e) {
+            debug("Failed to resolve algorithm name: " + algId, e);
+        }
+        return algId.getAlgorithm().getId();
     }
 
     @JRubyMethod

src/main/java/org/jruby/ext/openssl/impl/NetscapeCertRequest.java

@@ -202,6 +202,11 @@ public void setKeyAlgorithm(AlgorithmIdentifier value)
         keyAlg = value;
     }
 
+    public byte[] getSignatureBits()
+    {
+        return signatureBits;
+    }
+
     public PublicKey getPublicKey()
     {
         return publicKey;

src/test/ruby/test_ns_spki.rb

@@ -0,0 +1,29 @@
+require File.expand_path('test_helper', File.dirname(__FILE__))
+
+class TestNSSPKI < TestCase
+  # from the Netscape SPKI specification
+  B64 = 'MIHFMHEwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAnX0TILJrOMUue+PtwBRE6XfV' \
+        'WtKQbsshxk5ZhcUwcwyvcnIq9b82QhJdoACdD34rqfCAIND46fXKQUnb0mvKzQID' \
+        'AQABFhFNb3ppbGxhSXNNeUZyaWVuZDANBgkqhkiG9w0BAQQFAANBAAKv2Eex2n/S' \
+        'r/7iJNroWlSzSMtTiQTEB+ADWHGj9u1xrUrOilq/o2cuQxIfZcNZkYAkWP4DubqW' \
+        'i0//rgBvmco='
+
+  def test_decode_data
+    spki = OpenSSL::Netscape::SPKI.new(B64)
+    assert_equal 'MozillaIsMyFriend', spki.challenge
+    assert_instance_of OpenSSL::PKey::RSA, spki.public_key
+  end
+
+  def test_to_text
+    spki = OpenSSL::Netscape::SPKI.new(B64)
+    text = spki.to_text
+
+    assert_not_nil text, 'to_text should not return nil'
+    assert_match(/\ANetscape SPKI:\n/, text)
+    assert_match(/Public Key Algorithm: /, text)
+    assert_match(/Challenge String: MozillaIsMyFriend/, text)
+    assert_match(/Signature Algorithm: /, text)
+    # signature hex bytes with : separators
+    assert_match(/[0-9a-f]{2}(:[0-9a-f]{2})+/, text)
+  end
+end