Skip to content

Instantly share code, notes, and snippets.

public_key:der_decode('CertificateList', Der).
{'CertificateList',
{'TBSCertList',v2,
{'AlgorithmIdentifier',{1,2,840,113549,1,1,5},<<5,0>>},
{rdnSequence,
[[{'AttributeTypeAndValue',{2,5,4,6},<<19,1,67>>}],
[{'AttributeTypeAndValue',{2,5,4,8},<<12,2,83,84>>}],
[{'AttributeTypeAndValue',{2,5,4,3},<<12,2,67,78>>}]]},
{utcTime,"101123233530Z"},
{utcTime,"101130233530Z"},
@Hexa
Hexa / ossl_asn1.c.diff
Created September 24, 2011 20:13
ruby 1.9.3 rc1 の OpenSSL::ASN1 の(たぶん)バグ
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index fe7256a..b64227a 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -877,7 +877,7 @@ int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len,
}
}
- if (tc == sUNIVERSAL && (tag == V_ASN1_SEQUENCE || V_ASN1_SET)) {
+ if (tc == sUNIVERSAL && (tag == V_ASN1_SEQUENCE || tag == V_ASN1_SET)) {
@Hexa
Hexa / report.rst
Created September 24, 2011 20:42
Ruby 1.9.3 preview1 / rc1 で OpenSSL::ASN1.decode_all の引数に PEM 形式の証明書を指定すると Segmentation fault が発生する再現コード

環境

Ubuntu 11.04 64-bit

再現コード

11/12/18 23:16:01 YoruFukurou[25271] Exception detected while handling key input.
11/12/18 23:16:01 YoruFukurou[25271] *** Collection <NSCFDictionary: 0x101051a90> was mutated while being enumerated.<CFBasicHash 0x101051a90 [0x7fff7043dee0]>{type = mutable dict, count = 1,
entries =>
2 : <CFString 0x114fb3580 [0x7fff7043dee0]>{contents = "50534906-41F0-438C-9DD6-30535FF88335"} = <CFString 0x100165348 [0x7fff7043dee0]>{contents = "Main Stream"}
}
@Hexa
Hexa / ocsp-client.rb
Created March 15, 2012 15:29
module OpenSSL::OCSP リファレンスの例を動くように修正してみた
## module OpenSSL::OCSP
## http://doc.ruby-lang.org/ja/1.9.3/class/OpenSSL=3a=3aOCSP.html
require 'openssl'
require 'net/http'
## 動作確認のために追記
ca_cert = OpenSSL::X509::Certificate.new(File.read('client-ca.pem'))
cert = OpenSSL::X509::Certificate.new(File.read('client.pem'))
store = OpenSSL::X509::Store.new
require 'socket'
sock4 = UDPSocket.new(Socket::AF_INET)
sock4.bind('0.0.0.0', 40000) # => 0
sock6 = UDPSocket.new(Socket::AF_INET6)
sock6.bind('::', 40000) # =>Errno::EADDRINUSE: Address already in use - bind(2)
sock6.setsockopt(Socket::IPPROTO_IPV6, Socket::IPV6_V6ONLY, true)
sock6.bind('::', 40000) # => 0
#!/usr/bin/env ruby
# -*- coding: utf-8 -*-
require 'fog'
name = ARGV[0]
conn =Fog::Compute.new({
:provider => 'XenServer',
:xenserver_url => '192.168.1.2',
@Hexa
Hexa / gist:4002797
Created November 2, 2012 17:09
OpenSSL::X509::ExtensionFactory#create_ext の結果の違い
## ruby 2.0.0dev
irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> ef = OpenSSL::X509::ExtensionFactory.new
=> #<OpenSSL::X509::ExtensionFactory:0x007fd72213f6e0 @config=nil>
irb(main):003:0> ef.create_ext('basicConstraints', 'CA:TRUE, pathlen:1', true)
=> #<OpenSSL::X509::Extension:0x007fd7221245e8>
## ruby 1.9.3p194
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=CA
Validity
Not Before: Dec 16 04:56:09 2012 GMT
Not After : Dec 16 04:56:09 2012 GMT
Subject: CN=CA
@Hexa
Hexa / gist:4328513
Created December 18, 2012 14:36
cRLDistributionPoints and issuingDistributionPoint
require 'openssl'
cRLDistributionPoints=
OpenSSL::ASN1::Sequence.new([
OpenSSL::ASN1::Sequence.new([
OpenSSL::ASN1::ASN1Data.new([
OpenSSL::ASN1::ASN1Data.new([
OpenSSL::ASN1::ASN1Data.new(
distributionPointName = "http://example.com/example.crl",
6, :CONTEXT_SPECIFIC