Project

General

Profile

Feature #5103

[ext/openssl] Object equality for objects based on ASN.1 structures

Added by Martin Bosslet about 5 years ago. Updated 12 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
openssl
[ruby-core:38541]

Description

Equality behaviour is not overridden by any of the classes that base on ASN.1 structures. This leads to
counterintuitive things such as

require 'openssl'
key = OpenSSL::PKey::RSA.new 256

puts [key].include?(key) # => true

key2 = OpenSSL::PKey.read key.to_pem

puts key == key2 # => false
puts [key].include?(key2) # => false

That's why I'd like to suggest to determine equality for these objects on the encoding level, i.e.
two such objects are equal iff obj1.to_der == obj2.to_der.

History

#1 [ruby-core:38544] Updated by Eric Hodel about 5 years ago

Is object equality on ASN.1 structures not useful or hard?

#2 [ruby-core:38545] Updated by Martin Bosslet about 5 years ago

Eric Hodel wrote:

Is object equality on ASN.1 structures not useful or hard?

I think it could be quite useful, for example when comparing certificates. Right now an easy way to do this is by comparing cert1.to_der == cert2.to_der.
But still I would prefer the more intuitive cert1 == cert2 and implement it so that it actually compares the binary DER representation internally. This would be quite easy to implement since all ASN.1-based classes feature a to_der method already.

#3 [ruby-core:49672] Updated by Yusuke Endoh almost 4 years ago

  • Target version changed from 1.9.4 to next minor

#4 Updated by Zachary Scott 12 months ago

  • Assignee changed from Martin Bosslet to openssl

Also available in: Atom PDF