Refactor ASN1 call (opensearch-project#4729)
Signed-off-by: Terry Quigley <[email protected]>
terryquigleysas authored Sep 16, 2024
1 parent 16f5050 commit 7ddbf6a
Showing 2 changed files with 28 additions and 2 deletions.
Expand Up @@ -18,6 +18,7 @@
package org.opensearch.security.ssl;

import java.io.File;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
Expand Down Expand Up @@ -1223,9 +1224,10 @@ private List<String> getOtherName(List<?> altName) {
final ASN1Sequence sequence = ASN1Sequence.getInstance(asn1Primitive);
final ASN1ObjectIdentifier asn1ObjectIdentifier = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(0));
final ASN1TaggedObject asn1TaggedObject = ASN1TaggedObject.getInstance(sequence.getObjectAt(1));
ASN1Object maybeTaggedAsn1Primitive = asn1TaggedObject.getBaseObject();
Method getObjectMethod = getObjectMethod();
ASN1Object maybeTaggedAsn1Primitive = (ASN1Primitive) getObjectMethod.invoke(asn1TaggedObject);
if (maybeTaggedAsn1Primitive instanceof ASN1TaggedObject) {
maybeTaggedAsn1Primitive = ASN1TaggedObject.getInstance(maybeTaggedAsn1Primitive).getBaseObject();
maybeTaggedAsn1Primitive = (ASN1Primitive) getObjectMethod.invoke(maybeTaggedAsn1Primitive);
}
if (maybeTaggedAsn1Primitive instanceof ASN1String) {
return ImmutableList.of(asn1ObjectIdentifier.getId(), maybeTaggedAsn1Primitive.toString());
Expand All @@ -1237,4 +1239,13 @@ private List<String> getOtherName(List<?> altName) {
throw new RuntimeException("Couldn't parse subject alternative names", ioe);
}
}

static Method getObjectMethod() throws ClassNotFoundException, NoSuchMethodException {
Class<?> asn1TaggedObjectClass = Class.forName("org.bouncycastle.asn1.ASN1TaggedObject");
try {
return asn1TaggedObjectClass.getMethod("getBaseObject");
} catch (NoSuchMethodException ex) {
return asn1TaggedObjectClass.getMethod("getObject");
}
}
}
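Review bot: The `(ASN1Primitive)` cast on both `getObjectMethod.invoke(...)` lines in getOtherName is narrower than the variable it feeds. `maybeTaggedAsn1Primitive` is declared `ASN1Object`, and the removed line assigned `getBaseObject()` to it with no cast, so a base object that is an `ASN1Object` but not an `ASN1Primitive` would now raise a ClassCastException while parsing a certificate's subject alternative names; `(ASN1Object) getObjectMethod.invoke(asn1TaggedObject)` keeps the previous typing. getOtherName also runs `Class.forName` and `getMethod` on every call, so resolving the method once into a `private static final Method` field (set in a static initializer) would avoid the repeated lookup and report a missing method at class load instead of during certificate handling. The try/catch around this code starts and partly lies outside the visible hunk, so how `InvocationTargetException` and `IllegalAccessException` are handled there should be confirmed; ideally the cause is unwrapped before it is rethrown as "Couldn't parse subject alternative names".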
15 changes: 15 additions & 0 deletions src/test/java/org/opensearch/security/ssl/SSLTest.java
Expand Up @@ -17,6 +17,7 @@

package org.opensearch.security.ssl;

import java.lang.reflect.Method;
import java.net.SocketException;
import java.nio.file.Paths;
import java.security.Security;
Expand Down Expand Up @@ -1291,4 +1292,18 @@ public void testHttpsAndNodeSSLPemExtendedUsageEnabled() throws Exception {
Assert.assertTrue(res.contains("CN=node-0.example.com,OU=SSL,O=Test,L=Test,C=DE"));
Assert.assertTrue(rh.executeSimpleRequest("_nodes/settings?pretty").contains(clusterInfo.clustername));
}

@Test
public void testGetObjectMethod() {
try {
Method method = DefaultSecurityKeyStore.getObjectMethod();
Assert.assertNotNull("Method should not be null", method);
Assert.assertTrue(
"One of the expected methods should be available",
method.getName().equals("getBaseObject") || method.getName().equals("getObject")
);
} catch (ClassNotFoundException | NoSuchMethodException e) {
Assert.fail("Exception should not be thrown: " + e.getMessage());
}
}
}
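Review bot: testGetObjectMethod only asserts that the returned name is `getBaseObject` or `getObject`, which are the only two names `getObjectMethod()` can return without throwing, so the assertion cannot fail independently of the lookup itself. The test would cover the refactored path if it also invoked the returned `Method` on a real tagged object and checked the result, since that is where the reflective call and the cast in getOtherName can go wrong. Catching the exceptions and calling `Assert.fail("Exception should not be thrown: " + e.getMessage())` discards the stack trace; declaring `public void testGetObjectMethod() throws Exception`, as the neighbouring test does, lets the runner report the original failure.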
