From 394322e9ae2f7b3205f176d65efb2a6cd14c9ea7 Mon Sep 17 00:00:00 2001
From: Bernd Schmidt <bernd.schmidt@sumcumo.com>
Date: Fri, 3 Jun 2022 11:25:53 +0200
Subject: [PATCH] fix: adapt initialiser hack to current OpenSSL::PKey
 implementation

instead of one parameters it allows a series of parameters (including none). This mostly caused issues when none was given - part of the rails initialisation - since at least one parameter was expected

However, it also adds an additional check to avoid issues when a different number of parameters are given: otherwise `der_to_pem` could raise an error - hiding the true error from the PKey initialisers
---
 lib/keystores/jks/pkcs8_key.rb | 30 +++++++++++++++++++++---------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/lib/keystores/jks/pkcs8_key.rb b/lib/keystores/jks/pkcs8_key.rb
index 6b37dee..b0b401f 100644
--- a/lib/keystores/jks/pkcs8_key.rb
+++ b/lib/keystores/jks/pkcs8_key.rb
@@ -6,14 +6,18 @@ module PKey
     class EC
       original_initialize = instance_method(:initialize)
 
-      define_method(:initialize) do |der_or_pem|
+      define_method(:initialize) do |*several_variants|
         init = original_initialize.bind(self)
         begin
-          init.(der_or_pem)
+          init.(*several_variants)
         rescue Exception
           # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
           # to PEM and try again.
-          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+          if several_variants.count == 1
+            init.(OpenSSL::PKey.der_to_pem(*several_variants))
+          else
+            raise
+          end
         end
       end
 
@@ -60,14 +64,18 @@ def encode_private_key
     class RSA
       original_initialize = instance_method(:initialize)
 
-      define_method(:initialize) do |der_or_pem|
+      define_method(:initialize) do |*several_variants|
         init = original_initialize.bind(self)
         begin
-          init.(der_or_pem)
+          init.(*several_variants)
         rescue Exception
           # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
           # to PEM and try again.
-          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+          if several_variants.count == 1
+            init.(OpenSSL::PKey.der_to_pem(*several_variants))
+          else
+            raise
+          end
         end
       end
 
@@ -105,14 +113,18 @@ def to_pkcs8_pem
     class DSA
       original_initialize = instance_method(:initialize)
 
-      define_method(:initialize) do |der_or_pem|
+      define_method(:initialize) do |*several_variants|
         init = original_initialize.bind(self)
         begin
-          init.(der_or_pem)
+          init.(*several_variants)
         rescue Exception
           # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
           # to PEM and try again.
-          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+          if several_variants.count == 1
+            init.(OpenSSL::PKey.der_to_pem(*several_variants))
+          else
+            raise
+          end
         end
       end