[fix] properly encode nameConstraints extension

create_extension("nameConstraints", "permitted;DNS:.example.com") was
falling through to the generic OCTET STRING path, producing raw ASCII
instead of the NameConstraints ASN.1 structure.

Tests updated to use create_extension directly instead of manual ASN.1
construction workaround.

Author: kares

src/main/java/org/jruby/ext/openssl/X509ExtensionFactory.java

@@ -42,6 +42,8 @@
 import org.bouncycastle.asn1.x509.DistributionPointName;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.GeneralNames;
+import org.bouncycastle.asn1.x509.GeneralSubtree;
+import org.bouncycastle.asn1.x509.NameConstraints;
 
 import org.jruby.Ruby;
 import org.jruby.RubyArray;
@@ -214,6 +216,9 @@ else if (id.equals("1.3.6.1.5.5.7.1.1")) { // authorityInfoAccess
             else if (isNetscapeIA5StringExtension(id)) {
                 value = new DEROctetString(new DERIA5String(valuex).getEncoded(ASN1Encoding.DER));
             }
+            else if (id.equals("2.5.29.30")) { // nameConstraints
+                value = parseNameConstraints(valuex);
+            }
             else {
                 value = new DEROctetString(new DEROctetString(ByteList.plain(valuex)).getEncoded(ASN1Encoding.DER));
             }
@@ -719,6 +724,42 @@ private ASN1Sequence parseAuthorityInfoAccess(final String valuex) throws IOExce
         return new DERSequence(vector);
     }
 
+    /**
+     * Parses nameConstraints from the OpenSSL config format:
+     * "permitted;DNS:.example.com,excluded;IP:10.0.0.0/255.0.0.0"
+     *
+     * C OpenSSL's v2i_NAME_CONSTRAINTS strips the "permitted"/"excluded" prefix
+     * and passes the remainder to v2i_GENERAL_NAME_ex.
+     */
+    private DEROctetString parseNameConstraints(final String valuex) throws IOException {
+        final java.util.List<GeneralSubtree> permitted = new java.util.ArrayList<>();
+        final java.util.List<GeneralSubtree> excluded = new java.util.ArrayList<>();
+
+        final String[] entries = valuex.split(",");
+        for (String entry : entries) {
+            entry = entry.trim();
+            final String nameValue;
+            final java.util.List<GeneralSubtree> target;
+            if (entry.startsWith("permitted;")) {
+                nameValue = entry.substring("permitted;".length()).trim();
+                target = permitted;
+            } else if (entry.startsWith("excluded;")) {
+                nameValue = entry.substring("excluded;".length()).trim();
+                target = excluded;
+            } else {
+                throw new IOException("Invalid nameConstraints syntax: " + entry);
+            }
+            final GeneralName name = parseGeneralName(nameValue);
+            target.add(new GeneralSubtree(name));
+        }
+
+        final NameConstraints nc = new NameConstraints(
+                permitted.isEmpty() ? null : permitted.toArray(new GeneralSubtree[0]),
+                excluded.isEmpty() ? null : excluded.toArray(new GeneralSubtree[0]));
+
+        return new DEROctetString(nc.getEncoded(ASN1Encoding.DER));
+    }
+
     private GeneralNames parseGeneralNames(final ThreadContext context, final String valuex) throws IOException {
         final String[] vals = splitGeneralNameParts(valuex);
         final GeneralName[] names = new GeneralName[vals.length];

src/test/ruby/x509/test_x509store.rb

@@ -592,30 +592,8 @@ def test_v_flag_partial_chain
     assert_equal OpenSSL::X509::V_OK, store2.error
   end
 
-  # Helper: build a proper ASN.1 nameConstraints extension since
-  # JRuby's create_extension doesn't encode nameConstraints correctly yet.
   private
 
-  def build_name_constraints_ext(permitted_dns: nil, excluded_dns: nil)
-    subtrees = []
-    if permitted_dns
-      dns_names = Array(permitted_dns).map do |name|
-        dns = OpenSSL::ASN1::IA5String.new(name, 2, :IMPLICIT, :CONTEXT_SPECIFIC)
-        OpenSSL::ASN1::Sequence.new([dns])
-      end
-      subtrees << OpenSSL::ASN1::Sequence.new(dns_names, 0, :IMPLICIT, :CONTEXT_SPECIFIC)
-    end
-    if excluded_dns
-      dns_names = Array(excluded_dns).map do |name|
-        dns = OpenSSL::ASN1::IA5String.new(name, 2, :IMPLICIT, :CONTEXT_SPECIFIC)
-        OpenSSL::ASN1::Sequence.new([dns])
-      end
-      subtrees << OpenSSL::ASN1::Sequence.new(dns_names, 1, :IMPLICIT, :CONTEXT_SPECIFIC)
-    end
-    nc = OpenSSL::ASN1::Sequence.new(subtrees)
-    OpenSSL::X509::Extension.new("nameConstraints", nc.to_der, true)
-  end
-
   def build_cert_with_san(name, serial, san_dns, issuer_cert, issuer_key)
     key = OpenSSL::PKey::RSA.new(2048)
     cert = OpenSSL::X509::Certificate.new
@@ -638,10 +616,9 @@ def test_name_constraints_permitted_dns
     now = Time.now
     ca_key = OpenSSL::PKey::RSA.new(2048)
     ca_cert = issue_cert(OpenSSL::X509::Name.parse("/CN=CA"), ca_key, 1,
-      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true]],
+      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true],
+       ["nameConstraints","permitted;DNS:.example.com",true]],
       nil, nil, not_before: now, not_after: now + 3600)
-    ca_cert.add_extension(build_name_constraints_ext(permitted_dns: [".example.com"]))
-    ca_cert.sign(ca_key, "SHA256")  # re-sign after adding extension
 
     good = build_cert_with_san("good", 10, "good.example.com", ca_cert, ca_key)
     bad = build_cert_with_san("bad", 11, "evil.attacker.com", ca_cert, ca_key)
@@ -658,10 +635,9 @@ def test_name_constraints_excluded_dns
     now = Time.now
     ca_key = OpenSSL::PKey::RSA.new(2048)
     ca_cert = issue_cert(OpenSSL::X509::Name.parse("/CN=CA"), ca_key, 1,
-      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true]],
+      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true],
+       ["nameConstraints","excluded;DNS:.evil.com",true]],
       nil, nil, not_before: now, not_after: now + 3600)
-    ca_cert.add_extension(build_name_constraints_ext(excluded_dns: [".evil.com"]))
-    ca_cert.sign(ca_key, "SHA256")
 
     good = build_cert_with_san("good", 10, "good.example.com", ca_cert, ca_key)
     bad = build_cert_with_san("bad", 11, "bad.evil.com", ca_cert, ca_key)
@@ -690,12 +666,9 @@ def test_name_constraints_permitted_and_excluded_combined
     now = Time.now
     ca_key = OpenSSL::PKey::RSA.new(2048)
     ca_cert = issue_cert(OpenSSL::X509::Name.parse("/CN=CA"), ca_key, 1,
-      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true]],
+      [["basicConstraints","CA:TRUE",true],["keyUsage","cRLSign,keyCertSign",true],
+       ["nameConstraints","permitted;DNS:.example.com,excluded;DNS:.bad.example.com",true]],
       nil, nil, not_before: now, not_after: now + 3600)
-    # Permit .example.com but exclude .bad.example.com
-    ca_cert.add_extension(build_name_constraints_ext(
-      permitted_dns: [".example.com"], excluded_dns: [".bad.example.com"]))
-    ca_cert.sign(ca_key, "SHA256")
 
     good = build_cert_with_san("good", 10, "good.example.com", ca_cert, ca_key)
     bad = build_cert_with_san("bad", 11, "test.bad.example.com", ca_cert, ca_key)