On Wed, Mar 02, 2022 at 04:28:00AM -0700, Joel Sing wrote: > CVSROOT: /cvs > Module name: src > Changes by: js...@cvs.openbsd.org 2022/03/02 04:28:00 > > Modified files: > lib/libcrypto/asn1: a_object.c asn1_locl.h > lib/libcrypto/objects: obj_dat.c > > Log message: > Rewrite ASN1_OBJECT content to ascii/text conversion. > > Rewrite the ASN1_OBJECT content to ascii/text conversion code using CBB and > CBS. Currently there is a strange split with i2t_ASN1_OBJECT() calling > OBJ_obj2txt() which implements the conversion, while OBJ_txt2obj() calls > back into the misnamed a2d_ASN1_OBJECT() function. Move the conversion > code into asn1/a_object.c and have OBJ_txt2obj() call that instead. > > ok inoguchi@ tb@
This broke regress/lib/libssl/openssl-ruby: > lib/libssl: Exit: 1 Duration: 00:20:57 Log: 30-lib-libssl.log ==== openssl-ruby-test ==== rm -f .test cd /home/src/regress/lib/libssl/openssl-ruby && exec make test mkdir -p build touch .builddir cd build && ruby30 /usr/local/share/openssl-ruby-tests/ext/openssl/extconf.rb && make; checking for rb_io_maybe_wait()... no checking for t_open() in -lnsl... no checking for socket() in -lsocket... no checking for openssl/ssl.h... yes checking for LIBRESSL_VERSION_NUMBER in openssl/opensslv.h... yes checking for LibreSSL version >= 3.1.0... yes checking for RAND_egd()... no checking for ENGINE_load_dynamic() in openssl/engine.h... yes checking for ENGINE_load_4758cca() in openssl/engine.h... no checking for ENGINE_load_aep() in openssl/engine.h... no checking for ENGINE_load_atalla() in openssl/engine.h... no checking for ENGINE_load_chil() in openssl/engine.h... no checking for ENGINE_load_cswift() in openssl/engine.h... no checking for ENGINE_load_nuron() in openssl/engine.h... no checking for ENGINE_load_sureware() in openssl/engine.h... no checking for ENGINE_load_ubsec() in openssl/engine.h... no checking for ENGINE_load_padlock() in openssl/engine.h... no checking for ENGINE_load_capi() in openssl/engine.h... no checking for ENGINE_load_gmp() in openssl/engine.h... no checking for ENGINE_load_gost() in openssl/engine.h... no checking for ENGINE_load_cryptodev() in openssl/engine.h... no checking for SSL.ctx in openssl/ssl.h... no checking for EVP_MD_CTX_new()... yes checking for EVP_MD_CTX_free()... yes checking for EVP_MD_CTX_pkey_ctx()... yes checking for X509_STORE_get_ex_data()... yes checking for X509_STORE_set_ex_data()... yes checking for X509_STORE_get_ex_new_index()... no checking for X509_CRL_get0_signature()... yes checking for X509_REQ_get0_signature()... yes checking for X509_REVOKED_get0_serialNumber()... yes checking for X509_REVOKED_get0_revocationDate()... yes checking for X509_get0_tbs_sigalg()... yes checking for X509_STORE_CTX_get0_untrusted()... yes checking for X509_STORE_CTX_get0_cert()... yes checking for X509_STORE_CTX_get0_chain()... yes checking for OCSP_SINGLERESP_get0_id()... yes checking for SSL_CTX_get_ciphers()... yes checking for X509_up_ref()... yes checking for X509_CRL_up_ref()... yes checking for X509_STORE_up_ref()... yes checking for SSL_SESSION_up_ref()... yes checking for EVP_PKEY_up_ref()... yes checking for SSL_CTX_set_min_proto_version(NULL, 0) in openssl/ssl.h... yes checking for SSL_CTX_get_security_level()... no checking for X509_get0_notBefore()... yes checking for SSL_SESSION_get_protocol_version()... yes checking for TS_STATUS_INFO_get0_status()... no checking for TS_STATUS_INFO_get0_text()... no checking for TS_STATUS_INFO_get0_failure_info()... no checking for TS_VERIFY_CTS_set_certs(NULL, NULL) in openssl/ts.h... no checking for TS_VERIFY_CTX_set_store()... no checking for TS_VERIFY_CTX_add_flags()... no checking for TS_RESP_CTX_set_time_cb()... no checking for EVP_PBE_scrypt()... no checking for SSL_CTX_set_post_handshake_auth()... yes checking for EVP_PKEY_check()... yes checking for SSL_CTX_set_ciphersuites()... yes checking for SSL_set0_tmp_dh_pkey()... no checking for ERR_get_error_all()... no checking for TS_VERIFY_CTX_set_certs(NULL, NULL) in openssl/ts.h... no checking for SSL_CTX_load_verify_file()... no checking for BN_check_prime()... no checking for EVP_MD_CTX_get0_md()... no checking for EVP_MD_CTX_get_pkey_ctx()... no checking for EVP_PKEY_eq()... no checking for EVP_PKEY_dup()... no creating extconf.h creating Makefile compiling /usr/local/share/openssl-ruby-tests/ext/openssl/openssl_missing.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_asn1.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_bio.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_bn.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_cipher.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_config.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_digest.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_engine.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_hmac.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_kdf.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_ns_spki.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_ocsp.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkcs12.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkcs7.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkey.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkey_dh.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkey_dsa.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkey_ec.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_pkey_rsa.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_rand.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_ssl.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_ssl_session.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_ts.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509attr.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509cert.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509crl.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509ext.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509name.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509req.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509revoked.c compiling /usr/local/share/openssl-ruby-tests/ext/openssl/ossl_x509store.c linking shared-object openssl.so touch .build cd build && env SKIP_EXPECTED_FAILURES=true ruby30 -I. -I/usr/local/share/openssl-ruby-tests/test/openssl -I/usr/local/share/openssl-ruby-tests/lib -e 'Dir["/usr/local/share/openssl-ruby-tests/test/openssl/test_*.rb"].each{|f| require f}' -- --no-use-color --no-show-detail-immediately Loaded suite -e Started ..................PP....P...................................................... ........P..........P......PPPPP................................................ ...........E................................................................... ........P............PP......................................PPP.......PP...... ..F............................................................................ .....FF...F...FF.....F............................F.......F.................... ........................................ 1) Pending: test_ed25519(OpenSSL::TestPKey): Ed25519 is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:96:in `rescue in test_ed25519' /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:91:in `test_ed25519' 88: MCowBQYDK2VwAyEAPUAXw+hDiVqStwqnTRt+vJyYLM8uxJaMwM1V8Sr0Zgw= 89: -----END PUBLIC KEY----- 90: EOF => 91: begin 92: priv = OpenSSL::PKey.read(priv_pem) 93: pub = OpenSSL::PKey.read(pub_pem) 94: rescue OpenSSL::PKey::PKeyError 2) Pending: test_generic_oid_inspect(OpenSSL::TestPKey): X25519 is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:22:in `rescue in test_generic_oid_inspect' /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:18:in `test_generic_oid_inspect' 15: MC4CAQAwBQYDK2VuBCIEIHcHbQpzGKV9PBbBclGyZkXfTC+H68CZKrF3+6UduSwq 16: -----END PRIVATE KEY----- 17: EOF => 18: begin 19: x25519 = OpenSSL::PKey.read(x25519_pem) 20: rescue OpenSSL::PKey::PKeyError 21: # OpenSSL < 1.1.0 3) Pending: test_x25519(OpenSSL::TestPKey): X25519 is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:142:in `rescue in test_x25519' /usr/local/share/openssl-ruby-tests/test/openssl/test_pkey.rb:137:in `test_x25519' 134: -----END PUBLIC KEY----- 135: EOF 136: shared_secret = "4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742" => 137: begin 138: alice = OpenSSL::PKey.read(alice_pem) 139: bob = OpenSSL::PKey.read(bob_pem) 140: rescue OpenSSL::PKey::PKeyError 4) Pending: test_client_ca(OpenSSL::TestSSL): skip failing client CA test /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:356:in `test_client_ca' 353: 354: def test_client_ca 355: if ENV['SKIP_EXPECTED_FAILURES'] => 356: pend "skip failing client CA test" 357: end 358: ctx_proc = Proc.new do |ctx| 359: ctx.client_ca = [@ca_cert] 5) Pending: test_fallback_scsv(OpenSSL::TestSSL): Fallback SCSV is not supported /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1498:in `test_fallback_scsv' 1495: return unless supported.include?(OpenSSL::SSL::TLS1_1_VERSION) && 1496: supported.include?(OpenSSL::SSL::TLS1_2_VERSION) 1497: => 1498: pend "Fallback SCSV is not supported" unless \\ 1499: OpenSSL::SSL::SSLContext.method_defined?(:enable_fallback_scsv) 1500: 1501: start_server do |port| 6) Pending: test_npn_advertised_protocol_too_long(OpenSSL::TestSSL): LibreSSL 2.6 has broken NPN functions /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1394:in `test_npn_advertised_protocol_too_long' 1391: def test_npn_advertised_protocol_too_long 1392: pend "NPN is not supported" unless \\ 1393: OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) => 1394: pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) 1395: 1396: ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["a" * 256] } 1397: start_server_version(:TLSv1_2, ctx_proc) { |port| 7) Pending: test_npn_protocol_selection_ary(OpenSSL::TestSSL): LibreSSL 2.6 has broken NPN functions /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1337:in `test_npn_protocol_selection_ary' 1334: def test_npn_protocol_selection_ary 1335: pend "NPN is not supported" unless \\ 1336: OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) => 1337: pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) 1338: 1339: advertised = ["http/1.1", "spdy/2"] 1340: ctx_proc = proc { |ctx| ctx.npn_protocols = advertised } 8) Pending: test_npn_protocol_selection_cancel(OpenSSL::TestSSL): LibreSSL 2.6 has broken NPN functions /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1381:in `test_npn_protocol_selection_cancel' 1378: def test_npn_protocol_selection_cancel 1379: pend "NPN is not supported" unless \\ 1380: OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) => 1381: pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) 1382: 1383: ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["http/1.1"] } 1384: start_server_version(:TLSv1_2, ctx_proc) { |port| 9) Pending: test_npn_protocol_selection_enum(OpenSSL::TestSSL): LibreSSL 2.6 has broken NPN functions /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1357:in `test_npn_protocol_selection_enum' 1354: def test_npn_protocol_selection_enum 1355: pend "NPN is not supported" unless \\ 1356: OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) => 1357: pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) 1358: 1359: advertised = Object.new 1360: def advertised.each 10) Pending: test_npn_selected_protocol_too_long(OpenSSL::TestSSL): LibreSSL 2.6 has broken NPN functions /usr/local/share/openssl-ruby-tests/test/openssl/test_ssl.rb:1407:in `test_npn_selected_protocol_too_long' 1404: def test_npn_selected_protocol_too_long 1405: pend "NPN is not supported" unless \\ 1406: OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) => 1407: pend "LibreSSL 2.6 has broken NPN functions" if libressl?(2, 6, 1) 1408: 1409: ctx_proc = Proc.new { |ctx| ctx.npn_protocols = ["http/1.1"] } 1410: start_server_version(:TLSv1_2, ctx_proc) { |port| 11) Error: test_object_identifier(OpenSSL::TestASN1): ArgumentError: string contains null byte /usr/local/share/openssl-ruby-tests/test/openssl/test_asn1.rb:687:in `oid' /usr/local/share/openssl-ruby-tests/test/openssl/test_asn1.rb:687:in `assert_asn1_equal' /usr/local/share/openssl-ruby-tests/test/openssl/test_asn1.rb:701:in `decode_test' /usr/local/share/openssl-ruby-tests/test/openssl/test_asn1.rb:707:in `encode_decode_test' /usr/local/share/openssl-ruby-tests/test/openssl/test_asn1.rb:309:in `test_object_identifier' 306: end 307: 308: def test_object_identifier => 309: encode_decode_test B(%w{ 06 01 00 }), OpenSSL::ASN1::ObjectId.new("0.0".b) 310: encode_decode_test B(%w{ 06 01 28 }), OpenSSL::ASN1::ObjectId.new("1.0".b) 311: encode_decode_test B(%w{ 06 03 88 37 03 }), OpenSSL::ASN1::ObjectId.new("2.999.3".b) 312: encode_decode_test B(%w{ 06 05 2A 22 83 BB 55 }), OpenSSL::ASN1::ObjectId.new("1.2.34.56789".b) 12) Pending: test_s_parse_include(OpenSSL::TestConfig): .include directive is not supported /usr/local/share/openssl-ruby-tests/test/openssl/test_config.rb:126:in `test_s_parse_include' 123: def test_s_parse_include 124: if !openssl?(1, 1, 1, 2) 125: # OpenSSL < 1.1.1 parses .include directive as a normal assignment => 126: pend ".include directive is not supported" 127: end 128: 129: in_tmpdir("ossl-config-include-test") do |dir| 13) Pending: test_sha3(OpenSSL::TestDigest): SHA3 is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_digest.rb:103:in `test_sha3' 100: end 101: 102: def test_sha3 => 103: pend "SHA3 is not implemented" unless digest_available?('SHA3-224') 104: s224 = '6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7' 105: s256 = 'a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a' 106: s384 = '0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004' 14) Pending: test_sha512_truncate(OpenSSL::TestDigest): SHA512_224 is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_digest.rb:91:in `test_sha512_truncate' 88: end 89: 90: def test_sha512_truncate => 91: pend "SHA512_224 is not implemented" unless digest_available?('SHA512-224') 92: sha512_224_a = "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327" 93: sha512_256_a = "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8" 94: 15) Pending: test_hkdf_rfc5869_test_case_1(OpenSSL::TestKDF): HKDF is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_kdf.rb:135:in `test_hkdf_rfc5869_test_case_1' 132: end 133: 134: def test_hkdf_rfc5869_test_case_1 => 135: pend "HKDF is not implemented" unless OpenSSL::KDF.respond_to?(:hkdf) # OpenSSL >= 1.1.0 136: hash = "sha256" 137: ikm = B("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") 138: salt = B("000102030405060708090a0b0c") 16) Pending: test_hkdf_rfc5869_test_case_3(OpenSSL::TestKDF): HKDF is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_kdf.rb:149:in `test_hkdf_rfc5869_test_case_3' 146: end 147: 148: def test_hkdf_rfc5869_test_case_3 => 149: pend "HKDF is not implemented" unless OpenSSL::KDF.respond_to?(:hkdf) # OpenSSL >= 1.1.0 150: hash = "sha256" 151: ikm = B("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") 152: salt = B("") 17) Pending: test_hkdf_rfc5869_test_case_4(OpenSSL::TestKDF): HKDF is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_kdf.rb:163:in `test_hkdf_rfc5869_test_case_4' 160: end 161: 162: def test_hkdf_rfc5869_test_case_4 => 163: pend "HKDF is not implemented" unless OpenSSL::KDF.respond_to?(:hkdf) # OpenSSL >= 1.1.0 164: hash = "sha1" 165: ikm = B("0b0b0b0b0b0b0b0b0b0b0b") 166: salt = B("000102030405060708090a0b0c") 18) Pending: test_scrypt_rfc7914_first(OpenSSL::TestKDF): scrypt is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_kdf.rb:105:in `test_scrypt_rfc7914_first' 102: end 103: 104: def test_scrypt_rfc7914_first => 105: pend "scrypt is not implemented" unless OpenSSL::KDF.respond_to?(:scrypt) # OpenSSL >= 1.1.0 106: pass = "" 107: salt = "" 108: n = 16 19) Pending: test_scrypt_rfc7914_second(OpenSSL::TestKDF): scrypt is not implemented /usr/local/share/openssl-ruby-tests/test/openssl/test_kdf.rb:120:in `test_scrypt_rfc7914_second' 117: end 118: 119: def test_scrypt_rfc7914_second => 120: pend "scrypt is not implemented" unless OpenSSL::KDF.respond_to?(:scrypt) # OpenSSL >= 1.1.0 121: pass = "password" 122: salt = "NaCl" 123: n = 1024 20) Failure: test_certificate_id_hash_algorithm(OpenSSL::TestOCSP) /usr/local/share/openssl-ruby-tests/test/openssl/test_ocsp.rb:73:in `test_certificate_id_hash_algorithm' 70: def test_certificate_id_hash_algorithm 71: cid_sha1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1')) 72: cid_sha256 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA256')) => 73: assert_equal "sha1", cid_sha1.hash_algorithm 74: assert_equal "sha256", cid_sha256.hash_algorithm 75: end 76: <"sha1">(UTF-8) expected but was <"sha1\\x00">(ASCII-8BIT) diff: ? sha1 ? Encoding: UTF -8 ? ASCII BIT 21) Failure: test_request_assignment(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:102:in `test_request_assignment' 99: assert_raise(TypeError) { req.message_imprint = nil } 100: 101: req.policy_id = "1.2.3.4.5" => 102: assert_equal("1.2.3.4.5", req.policy_id) 103: assert_raise(TypeError) { req.policy_id = 123 } 104: assert_raise(TypeError) { req.policy_id = nil } 105: <"1.2.3.4.5">(UTF-8) expected but was <"1.2.3.4.5\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.5 ? Encoding: UTF -8 ? ASCII BIT 22) Failure: test_request_encode_decode(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:172:in `test_request_encode_decode' 169: assert_equal(1, qer.version) 170: assert_equal("SHA1", qer.algorithm) 171: assert_equal(digest, qer.message_imprint) => 172: assert_equal("1.2.3.4.5", qer.policy_id) 173: assert_equal(42, qer.nonce) 174: 175: #put OpenSSL::ASN1.decode inbetween <"1.2.3.4.5">(UTF-8) expected but was <"1.2.3.4.5\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.5 ? Encoding: UTF -8 ? ASCII BIT 23) Failure: test_request_serialization(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:136:in `test_request_serialization' 133: assert_equal(2, req.version) 134: assert_equal("SHA1", req.algorithm) 135: assert_equal("test", req.message_imprint) => 136: assert_equal("1.2.3.4.5", req.policy_id) 137: assert_equal(42, req.nonce) 138: assert_equal(true, req.cert_requested?) 139: <"1.2.3.4.5">(UTF-8) expected but was <"1.2.3.4.5\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.5 ? Encoding: UTF -8 ? ASCII BIT 24) Failure: test_response_creation(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:218:in `test_response_creation' 215: assert_nil(resp.failure_info) 216: assert_equal([], resp.status_text) 217: assert_equal(1, resp.token_info.version) => 218: assert_equal("1.2.3.4.5", resp.token_info.policy_id) 219: assert_equal("SHA1", resp.token_info.algorithm) 220: assert_equal(digest, resp.token_info.message_imprint) 221: assert_equal(1, resp.token_info.serial_number) <"1.2.3.4.5">(UTF-8) expected but was <"1.2.3.4.5\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.5 ? Encoding: UTF -8 ? ASCII BIT 25) Failure: test_response_default_policy(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:325:in `test_response_default_policy' 322: 323: resp = fac.create_timestamp(ee_key, ts_cert_ee, req) 324: assert_equal(OpenSSL::Timestamp::Response::GRANTED, resp.status) => 325: assert_equal("1.2.3.4.6", resp.token_info.policy_id) 326: end 327: 328: def test_response_bad_purpose <"1.2.3.4.6">(UTF-8) expected but was <"1.2.3.4.6\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.6 ? Encoding: UTF -8 ? ASCII BIT 26) Failure: test_token_info_creation(OpenSSL::TestTimestamp) /usr/local/share/openssl-ruby-tests/test/openssl/test_ts.rb:596:in `test_token_info_creation' 593: info = OpenSSL::Timestamp::TokenInfo.new(info.to_der) 594: 595: assert_equal(1, info.version) => 596: assert_equal("1.2.3.4.5", info.policy_id) 597: assert_equal("SHA1", info.algorithm) 598: assert_equal(digest, info.message_imprint) 599: assert_equal(1, info.serial_number) <"1.2.3.4.5">(UTF-8) expected but was <"1.2.3.4.5\\x00">(ASCII-8BIT) diff: ? 1.2.3.4.5 ? Encoding: UTF -8 ? ASCII BIT 27) Failure: test_crlnumber(OpenSSL::TestX509CRL): </X509v3 CRL Number:\\s+1/m> was expected to be =~ <"Certificate Revocation List (CRL):\\n" + " Version 2 (0x1)\\n" + " Signature Algorithm: sha1WithRSAEncryption\\x00\\n" + " Issuer: /DC=org/DC=ruby-lang/CN=CA\\n" + " Last Update: Mar 3 02:55:57 2022 GMT\\n" + " Next Update: Mar 3 03:22:37 2022 GMT\\n" + " CRL extensions:\\n" + " X509v3 CRL Number\\x00: \\n" + " 1\\n" + "No Revoked Certificates.\\n" + " Signature Algorithm: sha1WithRSAEncryption\\x00\\n" + " 27:55:12:4d:cc:52:88:bf:a4:16:89:d7:27:8d:0e:cb:a1:6f:\\n" + " 48:98:a6:e8:83:f8:60:18:57:e8:be:30:66:5f:a4:d4:81:7c:\\n" + " d0:ba:12:58:76:a0:6b:52:b0:8c:ef:eb:d3:f0:11:c2:ad:9c:\\n" + " dc:1a:64:b2:40:99:44:84:86:72:d0:8a:f9:fd:3d:f4:db:62:\\n" + " 63:8c:cc:ec:4e:43:4e:0f:c8:ec:97:28:a7:80:7e:2c:ad:5c:\\n" + " f1:31:bd:8e:2a:37:45:70:f6:83:24:98:8a:e0:3a:96:5d:b9:\\n" + " a2:68:19:8f:00:9a:5c:50:18:e5:3f:37:76:12:4b:4e:89:bf:\\n" + " 94:91:5e:20:64:91:83:af:86:70:6b:20:84:f3:fa:ae:0a:bf:\\n" + " 04:0a:41:eb:f9:72:51:6d:67:54:7c:f7:07:d2:95:70:7e:a6:\\n" + " c3:51:84:0a:c7:12:68:dd:65:a3:85:cb:80:fe:b9:ae:dc:7d:\\n" + " cd:5c:e8:3e:e6:39:a6:2c:fc:27:26:15:e6:d8:96:f0:79:ee:\\n" + " b5:c0:a6:33:c7:65:62:d7:8a:37:e2:79:e7:82:0d:2a:57:2f:\\n" + " e5:b0:ef:c5:f8:60:b1:3f:d3:c7:bb:c2:2f:cc:50:8e:74:43:\\n" + " b7:e3:ae:f6:1e:57:f0:60:61:57:77:06:46:14:30:01:40:68:\\n" + " 47:28:5e:bc\\n">. /usr/local/share/openssl-ruby-tests/test/openssl/test_x509crl.rb:172:in `test_crlnumber' 169: crl = issue_crl([], 1, Time.now, Time.now+1600, [], 170: cert, @rsa2048, OpenSSL::Digest.new('SHA1')) 171: assert_match(1.to_s, crl.extensions[0].value) => 172: assert_match(/X509v3 CRL Number:\\s+#{1}/m, crl.to_text) 173: 174: crl = issue_crl([], 2**32, Time.now, Time.now+1600, [], 175: cert, @rsa2048, OpenSSL::Digest.new('SHA1')) 28) Failure: test_dsa_with_sha2(OpenSSL::TestX509Certificate) /usr/local/share/openssl-ruby-tests/test/openssl/test_x509cert.rb:226:in `test_dsa_with_sha2' 223: 224: def test_dsa_with_sha2 225: cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha256") => 226: assert_equal("dsa_with_SHA256", cert.signature_algorithm) 227: # TODO: need more tests for dsa + sha2 228: 229: # SHA1 is allowed from OpenSSL 1.0.0 (0.9.8 requires DSS1) <"dsa_with_SHA256">(UTF-8) expected but was <"dsa_with_SHA256\\x00">(ASCII-8BIT) diff: ? dsa_with_SHA256 ? Encoding: UTF -8 ? ASCII BIT Finished in 32.60170545 seconds. ------------------------------------------------------------------------------- 514 tests, 4131 assertions, 9 failures, 1 errors, 18 pendings, 0 omissions, 0 notifications 94.5525% passed ------------------------------------------------------------------------------- 15.77 tests/s, 126.71 assertions/s *** Error 1 in openssl-ruby (Makefile:43 '.test') *** Error 2 in openssl-ruby (Makefile:57 'retest') FAILED