Feature #5103

[ext/openssl] Object equality for objects based on ASN.1 structures

Added by Martin Bosslet about 4 years ago. Updated 27 days ago.



Equality behaviour is not overridden by any of the classes that base on ASN.1 structures. This leads to
counterintuitive things such as

require 'openssl'
key = OpenSSL::PKey::RSA.new 256

puts [key].include?(key) # => true

key2 = OpenSSL::PKey.read key.to_pem

puts key == key2 # => false
puts [key].include?(key2) # => false

That's why I'd like to suggest to determine equality for these objects on the encoding level, i.e.
two such objects are equal iff obj1.to_der == obj2.to_der.


#1 Updated by Eric Hodel about 4 years ago

Is object equality on ASN.1 structures not useful or hard?

#2 Updated by Martin Bosslet about 4 years ago

Eric Hodel wrote:

Is object equality on ASN.1 structures not useful or hard?

I think it could be quite useful, for example when comparing certificates. Right now an easy way to do this is by comparing cert1.to_der == cert2.to_der.
But still I would prefer the more intuitive cert1 == cert2 and implement it so that it actually compares the binary DER representation internally. This would be quite easy to implement since all ASN.1-based classes feature a to_der method already.

#3 Updated by Yusuke Endoh almost 3 years ago

  • Target version changed from 1.9.4 to next minor

#4 Updated by Zachary Scott 27 days ago

  • Assignee changed from Martin Bosslet to openssl

Also available in: Atom PDF