OpenSSL::PKey::RSA.new fails to read encrypted RSA keys

[alagendijk-minddistrict]

The OpenSSL::PKey::RSA.new function fails to load encrypted RSA keys when not created with the -traditional option. I have tested with jruby 9.4.12.0 and jopenssl: 0.15.3

Steps to reproduce:

$ openssl genrsa  -aes256 -passout pass:password -out test.key 4096
$ jruby check.rb
ruby: jruby 9.4.12.0 (3.1.4) 2025-02-11 f4ab75096a OpenJDK 64-Bit Server VM 11.0.25+9-post-Ubuntu-1ubuntu122.04 on 11.0.25+9-post-Ubuntu-1ubuntu122.04 +jit [x86_64-linux]
openssl: 2.2.3
jopenssl: 0.15.3
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:
  initialize at org/jruby/ext/openssl/PKeyRSA.java:310
         new at org/jruby/RubyClass.java:936
      <main> at check.rb:6

$ # with "normal"  ruby:
$ ruby check.rb
ruby: ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux-gnu]
openssl: 3.0.0
true

When creating the key with -traditional option it does work:

$ openssl genrsa -traditional -aes256 -passout pass:password -out test.key 4096
$ jruby check.rb
ruby: jruby 9.4.12.0 (3.1.4) 2025-02-11 f4ab75096a OpenJDK 64-Bit Server VM 11.0.25+9-post-Ubuntu-1ubuntu122.04 on 11.0.25+9-post-Ubuntu-1ubuntu122.04 +jit [x86_64-linux]
openssl: 2.2.3
jopenssl: 0.15.3
true

$ # with "normal"  ruby:
$ ruby check.rb
ruby: ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux-gnu]
openssl: 3.0.0
true

check.rb script used:

require 'openssl'
pass = "password"
puts "ruby: #{RUBY_DESCRIPTION}"
puts "openssl: #{OpenSSL::VERSION}"
puts "jopenssl: #{JOpenSSL::VERSION}" if defined?(JOpenSSL)
key = OpenSSL::PKey::RSA.new File.read('test.key'), pass
puts key.private?