Feature #5103

[ext/openssl] Object equality for objects based on ASN.1 structures

Added by Martin Bosslet over 4 years ago. Updated 3 months ago.



Equality behaviour is not overridden by any of the classes that base on ASN.1 structures. This leads to
counterintuitive things such as

require 'openssl'
key = OpenSSL::PKey::RSA.new 256

puts [key].include?(key) # => true

key2 = OpenSSL::PKey.read key.to_pem

puts key == key2 # => false
puts [key].include?(key2) # => false

That's why I'd like to suggest to determine equality for these objects on the encoding level, i.e.
two such objects are equal iff obj1.to_der == obj2.to_der.


#1 Updated by Eric Hodel over 4 years ago

Is object equality on ASN.1 structures not useful or hard?

#2 Updated by Martin Bosslet over 4 years ago

Eric Hodel wrote:

Is object equality on ASN.1 structures not useful or hard?

I think it could be quite useful, for example when comparing certificates. Right now an easy way to do this is by comparing cert1.to_der == cert2.to_der.
But still I would prefer the more intuitive cert1 == cert2 and implement it so that it actually compares the binary DER representation internally. This would be quite easy to implement since all ASN.1-based classes feature a to_der method already.

#3 Updated by Yusuke Endoh about 3 years ago

  • Target version changed from 1.9.4 to next minor

#4 Updated by Zachary Scott 3 months ago

  • Assignee changed from Martin Bosslet to openssl

Also available in: Atom PDF