OpenSSL::X509::CertificateError: unsupported algorithm 'EC' #274

Closed
@nicholasdower

Dear JRuby folks,

When attempting to retrieve the EC public key of an X.509 certificate:

require 'net/http'
require 'openssl'
require 'uri'

cert_string = Net::HTTP.get(URI.parse('https://www.apple.com/certificateauthority/AppleRootCA-G3.cer'))
puts OpenSSL::X509::Certificate.new(cert_string).public_key

I am encountering the following error:

OpenSSL::X509::CertificateError: unsupported algorithm 'EC'
  public_key at org/jruby/ext/openssl/X509Cert.java:514
      <main> at -e:1

I noticed two things about X509Cert#public_key that I think are causing this:

  1. When initializing the public key via X509Cert#initializePublicKey, only RSA and DSA are supported. See here and here.
  2. X509Cert#public_key delegates to the certificate's public key's public_key method. This seems to work for OpenSSL::PKey::RSA and OpenSSL::PKey::DSA since their public_key methods return instances of OpenSSL::PKey::RSA and OpenSSL::PKey::DSA respectively (see here and here). But OpenSSL::PKey::EC's public_key method is documented as returning an OpenSSL::PKey::EC::Point (see here).

As far as I can tell, X509Cert#public_key should be returning an OpenSSL::PKey::EC in this case (that is also the behavior I see on MRI Ruby).

I took a shot at addressing this in #273. Please let me know if this is reasonable.

Thanks in advance for any advice/suggestions.
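
A regression check for the behaviour reported in this issue, as an added example (not code from the issue or from jruby-openssl): it builds a constructed self-signed P-256 certificate offline, so the Apple URL is not needed, and confirms that `public_key` returns a public-only `OpenSSL::PKey::EC` that matches the signing key and verifies the certificate. The helper names `build_ec_cert` and `check_ec_public_key` and the subject name are assumptions.

```ruby
require 'openssl'

# Build a throwaway self-signed EC certificate (constructed test input).
def build_ec_cert(curve = 'prime256v1')
  key  = OpenSSL::PKey::EC.generate(curve)
  name = OpenSSL::X509::Name.parse('/CN=ec-public-key-check.example')
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = 1
  cert.subject    = name
  cert.issuer     = name
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.public_key = key # only the public half ends up in the certificate
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert, key]
end

# Parse DER bytes and report what Certificate#public_key hands back.
# expected_point is the EC point of the key that was certified.
def check_ec_public_key(der, expected_point)
  cert = OpenSSL::X509::Certificate.new(der)
  begin
    pub = cert.public_key
  rescue OpenSSL::X509::CertificateError => e
    # The failure mode from the report: "unsupported algorithm 'EC'".
    return { ok: false, error: e.message }
  end
  is_ec = pub.is_a?(OpenSSL::PKey::EC)
  {
    # A usable result is a PKey::EC (not an EC::Point) that verifies the cert.
    ok: is_ec && cert.verify(pub),
    key_class: pub.class,
    curve: is_ec ? pub.group.curve_name : nil,
    same_point: is_ec && pub.public_key == expected_point,
    private: is_ec && pub.private_key?
  }
end

cert, key = build_ec_cert
p check_ec_public_key(cert.to_der, key.public_key)
```

On a runtime affected by the reported bug, the same call returns `ok: false` together with the `CertificateError` message instead of raising.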
