bdewater
commented
8 months ago Test failure looks unrelated.
Closed bdewater closed 7 months ago
bdewater
commented
8 months ago Test failure looks unrelated.
rhenium
commented
8 months ago Test failure looks unrelated.
Yes. #728 should fix it.
bdewater
commented
8 months ago In my understanding the test still works with my proposed changes,right?
No, not without additional changes. As mentioned earlier OpenSSL::Digest.digests (like OpenSSL::Cipher.ciphers) returns the lower cased long names. On my system:
ruby 3.2.0 (2022-12-25 revision a528908271) [arm64-darwin22]
OpenSSL::OPENSSL_VERSION: OpenSSL 3.0.7 1 Nov 2022
OpenSSL::OPENSSL_LIBRARY_VERSION: OpenSSL 3.0.7 1 Nov 2022
OpenSSL::OPENSSL_VERSION_NUMBER: 30000070
OpenSSL::Digest.digests
=>
["RSA-MD4",
"RSA-MD5",
"RSA-MDC2",
"RSA-RIPEMD160",
"RSA-SHA1",
"RSA-SHA1-2",
"RSA-SHA224",
"RSA-SHA256",
"RSA-SHA3-224",
"RSA-SHA3-256",
"RSA-SHA3-384",
"RSA-SHA3-512",
"RSA-SHA384",
"RSA-SHA512",
"RSA-SHA512/224",
"RSA-SHA512/256",
"RSA-SM3",
"blake2b512",
"blake2s256",
"id-rsassa-pkcs1-v1_5-with-sha3-224",
"id-rsassa-pkcs1-v1_5-with-sha3-256",
"id-rsassa-pkcs1-v1_5-with-sha3-384",
"id-rsassa-pkcs1-v1_5-with-sha3-512",
"md4",
"md4WithRSAEncryption",
"md5",
"md5-sha1",
"md5WithRSAEncryption",
"mdc2",
"mdc2WithRSA",
"ripemd",
"ripemd160",
"ripemd160WithRSA",
"rmd160",
"sha1",
"sha1WithRSAEncryption",
"sha224",
"sha224WithRSAEncryption",
"sha256",
"sha256WithRSAEncryption",
"sha3-224",
"sha3-256",
"sha3-384",
"sha3-512",
"sha384",
"sha384WithRSAEncryption",
"sha512",
"sha512-224",
"sha512-224WithRSAEncryption",
"sha512-256",
"sha512-256WithRSAEncryption",
"sha512WithRSAEncryption",
"shake128",
"shake256",
"sm3",
"sm3WithRSAEncryption",
"ssl3-md5",
"ssl3-sha1",
"whirlpool"]
junaruga
commented
8 months ago Is there an official document about the "shot name" and "long name" as a return value in OpenSSL project? I am confused because for example, both "SHA512-224" and "sha512-224" is the same string length. It's neither short nor long.
junaruga
commented
8 months ago By the way, I am not the main maintainer of this repository. I just commented.
rhenium
commented
8 months ago Is there an official document about the "shot name" and "long name" as a return value in OpenSSL project? I am confused because for example, both "SHA512-224" and "sha512-224" is the same string length. It's neither short nor long.
OBJ_nid2obj(3) explains it a bit, but not the reason why each object has two names in the first place. I don't really understand it, either.
The list obtained from OBJ_NAME_do_all_sorted() appears to be excluding case-insensitive duplicates and looks weird (which is not necessarily wrong because names are case-insensitive, but still feels strange):
"RSA-SHA1", # SN for 1.2.840.113549.1.1.5
"RSA-SHA1-2", # SN for 1.3.14.3.2.29
"sha1", # LN for 1.3.14.3.2.26
"sha1WithRSAEncryption", # LN for 1.2.840.113549.1.1.5 (notice SN is also included in the list)
"ssl3-sha1", # An alias of SHA1, doesn't have an OID(All of the above are alias of SHA-1)
Would it make sense to make OpenSSL::Digest.digests and OpenSSL::Cipher.ciphers include all possible names? It would be out of scope of this PR, though.
This returns the long names of digests. Similar to
OpenSSL::Cipher.ciphers(I took most of the implementation from it)Maybe the only confusing thing is that
Digest#namereturns the short name,Cipher#namedoes have a little disclaimer in the docs it might not be the same as given to the constructor.