[MacRuby] #900: Assertion fails with OpenSSL::X509::Certificate.issuer.to_der
MacRuby
ruby-noreply at macosforge.org
Sun Sep 12 20:40:36 PDT 2010
#900: Assertion fails with OpenSSL::X509::Certificate.issuer.to_der
----------------------------------+-----------------------------------------
Reporter: watson1978@… | Owner: lsansonetti@…
Type: defect | Status: new
Priority: blocker | Milestone:
Component: MacRuby | Keywords:
----------------------------------+-----------------------------------------
Test Script:
{{{
#!ruby
require "openssl"
def issue_cert(dn, key, serial, not_before, not_after, extensions,
issuer, issuer_key, digest)
cert = OpenSSL::X509::Certificate.new
issuer = cert unless issuer
issuer_key = key unless issuer_key
cert.version = 2
cert.serial = serial
cert.subject = dn
cert.issuer = issuer.subject
cert.public_key = key.public_key
cert.not_before = not_before
cert.not_after = not_after
ef = OpenSSL::X509::ExtensionFactory.new
ef.subject_certificate = cert
ef.issuer_certificate = issuer
extensions.each{|oid, value, critical|
cert.add_extension(ef.create_extension(oid, value, critical))
}
cert.sign(issuer_key, digest)
cert
end
rsa1024 = OpenSSL::PKey::RSA.new(1024)
rsa2048 = OpenSSL::PKey::RSA.new(2048)
ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
ca_exts = [
["basicConstraints","CA:TRUE",true],
["keyUsage","keyCertSign, cRLSign",true],
["subjectKeyIdentifier","hash",false],
["authorityKeyIdentifier","keyid:always",false],
]
ca_cert = issue_cert(ca, rsa2048, 1, Time.now, Time.now+3600, ca_exts,
nil, nil, OpenSSL::Digest::SHA1.new)
ee1 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE1")
ee1_exts = [
["keyUsage","Non Repudiation, Digital Signature, Key
Encipherment",true],
["subjectKeyIdentifier","hash",false],
["authorityKeyIdentifier","keyid:always",false],
["extendedKeyUsage","clientAuth, emailProtection,
codeSigning",false],
["subjectAltName","email:ee1 at ruby-lang.org",false],
]
ee1_cert = issue_cert(ee1, rsa1024, 2, Time.now, Time.now+1800, ee1_exts,
ca_cert, rsa2048, OpenSSL::Digest::SHA1.new)
p ee1_cert.issuer.to_der
}}}
Result:
{{{
$ ruby test_x509_name.rb
"0=1\x130\x11\x06\n\t\x92&\x89\x93\xF2,d\x01\x19\x16\x03org1\x190\x17\x06\n\t\x92&\x89\x93\xF2,d\x01\x19\x16
\truby-lang1\v0\t\x06\x03U\x04\x03\f\x02CA"
$ macruby test_x509_name.rb
Assertion failed: (len >= 0), function str_replace_with_uchars, file
string.c, line 289.
zsh: abort macruby test_x509_name.rb
}}}
--
Ticket URL: <http://www.macruby.org/trac/ticket/900>
MacRuby <http://macruby.org/>
More information about the macruby-tickets
mailing list