Issue #4805 has been updated by Hiroshi NAKAMURA. Status changed from Open to Closed On Thu, Jun 23, 2011 at 20:54, Martin Bosslet <Martin.Bosslet / googlemail.com> wrote: >> ??For that purpose, algorithm should be fixed so they don't get Digester >> ??as a parameter for X509_NAME_hash and X509_NAME_hash_old I guess. > > OK, I see, thanks for the info! X509_NAME_hash(_old) has a special meaning > internally. I checked, there also exists X509_NAME_digest for the general > purpose usage I was thinking of. It's also what they use internally to > create the CertIDs in their OCSP implementation. Ah, X509::Name#digest sounds good. I didn't know OCSP impl already used. Since ext/openssl is a wrapper, I don't like to break class hierarchy, name, etc. of OpenSSL. Original API should be defined under Security::Crypto or something and it should be OpenSSL free... someday. >> I like 'X509::Name#hash' to be a wrapper of 'X509_NAME_hash' and >> 'X509::Name#hash_old' is for 'X509::Name::hash_old'. I prefer to have >> another name for hashing X509::Name if it's needed. > > Now that I have a better understanding of the context I completely agree. > If we feel the need for a general-purpose method, we could probably also use > X509::Name#digest in analogy to OpenSSL. Thanks. Applied it at r32213. ---------------------------------------- Feature #4805: Add X509::Name#hash_old for 0.9.X compat http://redmine.ruby-lang.org/issues/4805 Author: Hiroshi NAKAMURA Status: Closed Priority: Normal Assignee: Hiroshi NAKAMURA Category: ext Target version: 1.9.3 X509::Name#hash with OpenSSL 1.0.0 returns different value than with OpenSSL 0.9.X. Attached patch adds X509::Name#hash_old when you need MD5 based same X509_NAME_hash value as OpenSSL 0.9.X. Martin, how do you think about adding it? -- http://redmine.ruby-lang.org