summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog14
-rw-r--r--ext/openssl/ossl_asn1.c4
-rw-r--r--test/openssl/test_asn1.rb14
3 files changed, 32 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 35ea4d0144..9ad75eac00 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+Mon Aug 23 11:42:41 2010 NAKAMURA, Hiroshi <nahi@ruby-lang.org>
+
+ * ext/openssl/ossl_asn1.c (obj_to_asn1bool): fixed ASN1::Boolean
+ encoding issue for OpenSSL 1.0.0 compatibility.
+ ASN1::Boolean.new(false).to_der wrongly generated "\1\1\377" which
+ means 'true'. [BUG:3735]
+
+ ASN1_TYPE_set of OpenSSL <= 0.9.8 treats value 0x100 as 'false' but
+ OpenSSL >= 1.0.0 treats it as 'true'. ruby-ossl was using 0x100 for
+ 'false' for backward compatibility. Just use 0x0 for the case
+ OpenSSL >= OpenSSL 0.9.7.
+
+ * test/openssl/test_asn1.rb: test added.
+
Thu Aug 19 22:57:43 2010 NAKAMURA, Hiroshi <nahi@ruby-lang.org>
* test/openssl/{test_x509cert.rb,test_ssl.rb,test_x509req.rb}: added
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index 6aff2b7e95..e6169f96ae 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -196,7 +196,11 @@ static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE;
static ASN1_BOOLEAN
obj_to_asn1bool(VALUE obj)
{
+#if OPENSSL_VERSION_NUMBER < 0x00907000L
return RTEST(obj) ? 0xff : 0x100;
+#else
+ return RTEST(obj) ? 0xff : 0x0;
+#endif
}
static ASN1_INTEGER*
diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb
index f196bc48fb..d9dd4ecd21 100644
--- a/test/openssl/test_asn1.rb
+++ b/test/openssl/test_asn1.rb
@@ -194,4 +194,18 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
assert_equal(cululated_sig, sig_val.value)
end
+
+ def test_encode_boolean
+ encode_decode_test(OpenSSL::ASN1::Boolean, [true, false])
+ end
+
+ def test_encode_integer
+ encode_decode_test(OpenSSL::ASN1::Integer, [72, -127, -128, 128, -1, 0, 1, -(2**12345), 2**12345])
+ end
+
+ def encode_decode_test(type, values)
+ values.each do |v|
+ assert_equal(v, OpenSSL::ASN1.decode(type.new(v).to_der).value)
+ end
+ end
end if defined?(OpenSSL)
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-25 09:04:32 +0000