Project

General

Profile

Bug #6703

openssl: using a newly registered extension

Added by vbatts (Vincent Batts) about 7 years ago. Updated about 3 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
openssl
Target version:
-
ruby -v:
ruby 1.9.3p194 (2012-04-20 revision 35410) [x86_64-linux]
Backport:
[ruby-core:46210]

Description

When registering a new ASN.1 extension OBJ_create(), it should make it available for OBJ_ln2nid() and OBJ_sn2nid() searches that are performed in OpenSSL::X509::ExtensionFactory.create_ext
I've attached a ruby case where this should work,
As well as a C sample where you can see it working.

p.s. I wish that OBJ_txt2nid was added to the functions used when searching for the nid


Files

ossl_ext_bug.rb (317 Bytes) ossl_ext_bug.rb test case of seeing the case fail vbatts (Vincent Batts), 07/06/2012 06:27 AM
o.c (574 Bytes) o.c C example, but using OBJ_txt2nid() as well vbatts (Vincent Batts), 07/06/2012 06:27 AM

History

Updated by nahi (Hiroshi Nakamura) about 7 years ago

  • Status changed from Open to Assigned
  • Assignee set to nahi (Hiroshi Nakamura)
#2

Updated by zzak (Zachary Scott) about 4 years ago

  • Assignee changed from nahi (Hiroshi Nakamura) to openssl

Updated by rhenium (Kazuki Yamaguchi) about 3 years ago

  • Status changed from Assigned to Rejected

(from ossl_ext_bug.rb)

ef.create_extension('hurr','This is a test')

It doesn't work because OpenSSL (X509V3_EXT_nconf_nid()) doesn't know how to parse "This is a test". Please see x509v3_config(5) for details.

You can use the syntax described in ARBITRARY EXTENSIONS section:

asn1 = OpenSSL::ASN1::OctetString("This is a test")
ef.create_extension("hurr", "DER:#{asn1.to_der.unpack("H*")[0]}")

or using X509::Extension directly:

OpenSSL::X509::Extension.new("hurr", asn1)

Also available in: Atom PDF