Issue #4805 has been updated by Hiroshi NAKAMURA.

Status changed from Open to Closed

On Thu, Jun 23, 2011 at 20:54, Martin Bosslet <Martin.Bosslet / googlemail.com> wrote:
>> ??For that purpose, algorithm should be fixed so they don't get Digester
>> ??as a parameter for X509_NAME_hash and X509_NAME_hash_old I guess.
>
> OK, I see, thanks for the info! X509_NAME_hash(_old) has a special meaning
> internally. I checked, there also exists X509_NAME_digest for the general
> purpose usage I was thinking of. It's also what they use internally to
> create the CertIDs in their OCSP implementation.

Ah, X509::Name#digest sounds good. I didn't know OCSP impl already used. Since ext/openssl is a wrapper, I don't like to break class hierarchy, name, etc. of OpenSSL. Original API should be defined under Security::Crypto or something and it should be OpenSSL free... someday.

>> I like 'X509::Name#hash' to be a wrapper of 'X509_NAME_hash' and
>> 'X509::Name#hash_old' is for 'X509::Name::hash_old'. I prefer to have
>> another name for hashing X509::Name if it's needed.
>
> Now that I have a better understanding of the context I completely agree.
> If we feel the need for a general-purpose method, we could probably also use
> X509::Name#digest in analogy to OpenSSL.

Thanks. Applied it at r32213.
----------------------------------------
Feature #4805: Add X509::Name#hash_old for 0.9.X compat
http://redmine.ruby-lang.org/issues/4805

Author: Hiroshi NAKAMURA
Status: Closed
Priority: Normal
Assignee: Hiroshi NAKAMURA
Category: ext
Target version: 1.9.3


X509::Name#hash with OpenSSL 1.0.0 returns different value than with OpenSSL 0.9.X.
Attached patch adds X509::Name#hash_old when you need MD5 based same X509_NAME_hash value as OpenSSL 0.9.X.

Martin, how do you think about adding it?


-- 
http://redmine.ruby-lang.org