From f9843bc4dcc9b7313ed5a631390c502a894f2f82 Mon Sep 17 00:00:00 2001 From: rhe Date: Thu, 9 Jun 2016 12:42:08 +0000 Subject: openssl: use ASN1_ENUMERATED_to_BN() if needed * ext/openssl/ossl_asn1.c (asn1integer_to_num): Use ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN. Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are almost identical so they behaved in the same way in OpenSSL <= 1.0.2. [ruby-core:75225] [Feature #12324] * test/openssl/test_asn1.rb (test_decode_enumerated): Test that it works. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55344 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 12 ++++++++++++ ext/openssl/ossl_asn1.c | 8 ++++++-- test/openssl/test_asn1.rb | 6 ++++++ 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 14822e07b3..98bdc744b5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,15 @@ +Thu Jun 9 21:42:00 2016 Kazuki Yamaguchi + + * ext/openssl/ossl_asn1.c (asn1integer_to_num): Use + ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN. + Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects + non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are + almost identical so they behaved in the same way in OpenSSL <= 1.0.2. + [ruby-core:75225] [Feature #12324] + + * test/openssl/test_asn1.rb (test_decode_enumerated): Test that it + works. + Thu Jun 9 21:10:04 2016 Kazuhiro NISHIYAMA * tool/ifchange: fix timestamp error when target without diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index 03822b5c26..cbedd59efa 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -125,9 +125,13 @@ asn1integer_to_num(ASN1_INTEGER *ai) if (!ai) { ossl_raise(rb_eTypeError, "ASN1_INTEGER is NULL!"); } - if (!(bn = ASN1_INTEGER_to_BN(ai, NULL))) { + if (ai->type == V_ASN1_ENUMERATED) + bn = ASN1_ENUMERATED_to_BN(ai, NULL); + else + bn = ASN1_INTEGER_to_BN(ai, NULL); + + if (!bn) ossl_raise(eOSSLError, NULL); - } #if DO_IT_VIA_RUBY if (!(txt = BN_bn2dec(bn))) { BN_free(bn); diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb index 96c0859cfc..f226da5c66 100644 --- a/test/openssl/test_asn1.rb +++ b/test/openssl/test_asn1.rb @@ -280,6 +280,12 @@ rEzBQ0F9dUyqQ9gyRg8KHhDfv9HzT1d/rnUZMkoombwYBRIUChGCYV0GnJcan2Zm assert_equal 2 ** 31, OpenSSL::ASN1.decode(encoded).value.to_i end + def test_decode_enumerated + encoded = OpenSSL::ASN1.Enumerated(0).to_der + assert_equal "\x0a\x01\x00".b, encoded + assert_equal encoded, OpenSSL::ASN1.decode(encoded).to_der + end + def test_create_inf_length_primitive expected = %w{ 24 80 04 01 61 00 00 } raw = [expected.join('')].pack('H*') -- cgit v1.2.3