diff --git a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java index 95ed44ee07..2556162c9d 100644 --- a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java +++ b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java @@ -18,6 +18,7 @@ package org.opensearch.security.ssl; import java.io.File; +import java.lang.reflect.Method; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.LinkOption; @@ -1184,9 +1185,10 @@ private List getOtherName(List altName) { final ASN1Sequence sequence = ASN1Sequence.getInstance(asn1Primitive); final ASN1ObjectIdentifier asn1ObjectIdentifier = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(0)); final ASN1TaggedObject asn1TaggedObject = ASN1TaggedObject.getInstance(sequence.getObjectAt(1)); - ASN1Object maybeTaggedAsn1Primitive = asn1TaggedObject.getBaseObject(); + Method getObjectMethod = getObjectMethod(); + ASN1Object maybeTaggedAsn1Primitive = (ASN1Primitive) getObjectMethod.invoke(asn1TaggedObject); if (maybeTaggedAsn1Primitive instanceof ASN1TaggedObject) { - maybeTaggedAsn1Primitive = ASN1TaggedObject.getInstance(maybeTaggedAsn1Primitive).getBaseObject(); + maybeTaggedAsn1Primitive = (ASN1Primitive) getObjectMethod.invoke(maybeTaggedAsn1Primitive); } if (maybeTaggedAsn1Primitive instanceof ASN1String) { return ImmutableList.of(asn1ObjectIdentifier.getId(), maybeTaggedAsn1Primitive.toString()); @@ -1198,4 +1200,13 @@ private List getOtherName(List altName) { throw new RuntimeException("Couldn't parse subject alternative names", ioe); } } + + static Method getObjectMethod() throws ClassNotFoundException, NoSuchMethodException { + Class asn1TaggedObjectClass = Class.forName("org.bouncycastle.asn1.ASN1TaggedObject"); + try { + return asn1TaggedObjectClass.getMethod("getBaseObject"); + } catch (NoSuchMethodException ex) { + return asn1TaggedObjectClass.getMethod("getObject"); + } + } } diff --git a/src/test/java/org/opensearch/security/ssl/SSLTest.java b/src/test/java/org/opensearch/security/ssl/SSLTest.java index 4210c91573..3a146767c1 100644 --- a/src/test/java/org/opensearch/security/ssl/SSLTest.java +++ b/src/test/java/org/opensearch/security/ssl/SSLTest.java @@ -17,6 +17,7 @@ package org.opensearch.security.ssl; +import java.lang.reflect.Method; import java.net.SocketException; import java.nio.file.Paths; import java.security.Security; @@ -1289,4 +1290,18 @@ public void testHttpsAndNodeSSLPemExtendedUsageEnabled() throws Exception { Assert.assertTrue(res.contains("CN=node-0.example.com,OU=SSL,O=Test,L=Test,C=DE")); Assert.assertTrue(rh.executeSimpleRequest("_nodes/settings?pretty").contains(clusterInfo.clustername)); } + + @Test + public void testGetObjectMethod() { + try { + Method method = DefaultSecurityKeyStore.getObjectMethod(); + Assert.assertNotNull("Method should not be null", method); + Assert.assertTrue( + "One of the expected methods should be available", + method.getName().equals("getBaseObject") || method.getName().equals("getObject") + ); + } catch (ClassNotFoundException | NoSuchMethodException e) { + Assert.fail("Exception should not be thrown: " + e.getMessage()); + } + } }