Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL::X509::CRL class doesn't load revoked entries correctly #5

Closed
bkerley opened this issue Aug 18, 2014 · 2 comments
Closed

OpenSSL::X509::CRL class doesn't load revoked entries correctly #5

bkerley opened this issue Aug 18, 2014 · 2 comments
Assignees
@kares
Labels
compatibility

Comments

@bkerley
Copy link

bkerley commented Aug 18, 2014

I have a revoked.crl Certificate Revocation List with six entries (see https://gist.github.com/2790b2c1ac1a7af55240 ), and while OpenSSL::X509::CRL on Ruby 2.1.2 can read it, the same code on JRuby 1.7.13 on OS X cannot:

require 'pp'
require 'openssl'

crl_data = File.read './revoked.crl'
pp crl_data
crl = OpenSSL::X509::CRL.new crl_data
pp crl.revoked

Expected:

"-----BEGIN X509 CRL-----\nMIICATCCAasCAQEwDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxEDAOBgNV\nBAgMB0Zsb3JpZGExDjAMBgNVBAcMBU1pYW1pMRwwGgYDVQQKDBNyNTA5LWNlcnQt\ndmFsaWRhdG9yMRIwEAYDVQQDDAlsb2NhbGhvc3QXDTE0MDcwNzE3MzEzNVoXDTI0\nMDcwNDE4MzEzNVowgeQwJAITBj4XOQip5iM9jsjNahP+ln2bNhcNMTQwMjExMTU0\nMjMyWjAkAhMGPhffXa7qnjiOsKG+T59MXoICFw0xNDAyMTExNjE5MjNaMCQCEwY+\nG/iZDaYOYqQNkUhWz2VDQQYXDTE0MDIxMTIwMTE0OVowJAITBj4b+xUAmYEJh7F0\nEk7YjFlzhhcNMTQwMjExMjAxMjIyWjAkAhMGPhv+d3hbmVhej514YzyCQvIOFw0x\nNDAyMTEyMDEzMDdaMCQCEwZMlT4VU+7hoQBdGcEGWKf/tEYXDTE0MDcwNzE4MzEz\nNVqgLzAtMAoGA1UdFAQDAgEGMB8GA1UdIwQYMBaAFJg2dyTKjan/rPrS2dVd1VDm\n92pRMA0GCSqGSIb3DQEBBQUAA0EASi1yCsP5ZphMI7XsTE65XwB9ABNcP36UHtdV\nm9iz/ZQpSeFoTlokJyy6c4+fVVIiDDUbOOAdN0RWmgEqkhLCYA==\n-----END X509 CRL-----\n"
[#<OpenSSL::X509::Revoked:0x007f944b1fd150>,
 #<OpenSSL::X509::Revoked:0x007f944b1fd100>,
 #<OpenSSL::X509::Revoked:0x007f944b1fd0d8>,
 #<OpenSSL::X509::Revoked:0x007f944b1fd0b0>,
 #<OpenSSL::X509::Revoked:0x007f944b1fd088>,
 #<OpenSSL::X509::Revoked:0x007f944b1fd038>]

Actual:

"-----BEGIN X509 CRL-----\nMIICATCCAasCAQEwDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxEDAOBgNV\nBAgMB0Zsb3JpZGExDjAMBgNVBAcMBU1pYW1pMRwwGgYDVQQKDBNyNTA5LWNlcnQt\ndmFsaWRhdG9yMRIwEAYDVQQDDAlsb2NhbGhvc3QXDTE0MDcwNzE3MzEzNVoXDTI0\nMDcwNDE4MzEzNVowgeQwJAITBj4XOQip5iM9jsjNahP+ln2bNhcNMTQwMjExMTU0\nMjMyWjAkAhMGPhffXa7qnjiOsKG+T59MXoICFw0xNDAyMTExNjE5MjNaMCQCEwY+\nG/iZDaYOYqQNkUhWz2VDQQYXDTE0MDIxMTIwMTE0OVowJAITBj4b+xUAmYEJh7F0\nEk7YjFlzhhcNMTQwMjExMjAxMjIyWjAkAhMGPhv+d3hbmVhej514YzyCQvIOFw0x\nNDAyMTEyMDEzMDdaMCQCEwZMlT4VU+7hoQBdGcEGWKf/tEYXDTE0MDcwNzE4MzEz\nNVqgLzAtMAoGA1UdFAQDAgEGMB8GA1UdIwQYMBaAFJg2dyTKjan/rPrS2dVd1VDm\n92pRMA0GCSqGSIb3DQEBBQUAA0EASi1yCsP5ZphMI7XsTE65XwB9ABNcP36UHtdV\nm9iz/ZQpSeFoTlokJyy6c4+fVVIiDDUbOOAdN0RWmgEqkhLCYA==\n-----END X509 CRL-----\n"
[]
@bkerley
Copy link
Author

bkerley commented Aug 18, 2014

Failing test case has been added at https://github.com/bkerley/jruby-openssl/tree/bk-crl-loading

@kares kares self-assigned this Sep 2, 2014
kares added a commit that referenced this issue Sep 8, 2014
@kares
... long time coming - OpenSSL::X509::CRL support for loading revoked…
226aba5 
… entries (#5)
@kares
Copy link
Member

kares commented Sep 8, 2014

226aba5 should do it ... thanks!

@kares kares closed this as completed Sep 8, 2014
@bkerley bkerley mentioned this issue Sep 8, 2014
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kares kares

Labels
compatibility
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bkerley @kares