rubysl-openssl 1.0.2 → 2.0.0

data/ext/rubysl/openssl/ossl_x509name.c

@@ -1,5 +1,5 @@
 /*
- * $Id: ossl_x509name.c 28367 2010-06-21 09:18:59Z shyouhei $
+ * $Id$
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -11,20 +11,20 @@
 #include "ossl.h"
 
 #define WrapX509Name(klass, obj, name) do { \
-    if (!name) { \
+    if (!(name)) { \
 	ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
     } \
-    obj = Data_Wrap_Struct(klass, 0, X509_NAME_free, name); \
+    (obj) = Data_Wrap_Struct((klass), 0, X509_NAME_free, (name)); \
 } while (0)
 #define GetX509Name(obj, name) do { \
-    Data_Get_Struct(obj, X509_NAME, name); \
-    if (!name) { \
+    Data_Get_Struct((obj), X509_NAME, (name)); \
+    if (!(name)) { \
 	ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
     } \
 } while (0)
 #define SafeGetX509Name(obj, name) do { \
-    OSSL_Check_Kind(obj, cX509Name); \
-    GetX509Name(obj, name); \
+    OSSL_Check_Kind((obj), cX509Name); \
+    GetX509Name((obj), (name)); \
 } while (0)
 
 #define OBJECT_TYPE_TEMPLATE \
@@ -41,7 +41,7 @@ VALUE eX509NameError;
 /*
  * Public
  */
-VALUE 
+VALUE
 ossl_x509name_new(X509_NAME *name)
 {
     X509_NAME *new;
@@ -56,7 +56,7 @@ ossl_x509name_new(X509_NAME *name)
 	ossl_raise(eX509NameError, NULL);
     }
     WrapX509Name(cX509Name, obj, new);
-    
+
     return obj;
 }
 
@@ -78,7 +78,7 @@ ossl_x509name_alloc(VALUE klass)
 {
     X509_NAME *name;
     VALUE obj;
-	
+
     if (!(name = X509_NAME_new())) {
 	ossl_raise(eX509NameError, NULL);
     }
@@ -87,9 +87,9 @@ ossl_x509name_alloc(VALUE klass)
     return obj;
 }
 
-static int id_aref;
+static ID id_aref;
 static VALUE ossl_x509name_add_entry(int, VALUE*, VALUE);
-#define rb_aref(obj, key) rb_funcall(obj, id_aref, 1, key)
+#define rb_aref(obj, key) rb_funcall((obj), id_aref, 1, (key))
 
 static VALUE
 ossl_x509name_init_i(VALUE i, VALUE args)
@@ -111,10 +111,23 @@ ossl_x509name_init_i(VALUE i, VALUE args)
 
 /*
  * call-seq:
- *    X509::Name.new => name
- *    X509::Name.new(string) => name
- *    X509::Name.new(dn) => name
- *    X509::Name.new(dn, template) => name
+ *    X509::Name.new                               => name
+ *    X509::Name.new(der)                          => name
+ *    X509::Name.new(distinguished_name)           => name
+ *    X509::Name.new(distinguished_name, template) => name
+ *
+ * Creates a new Name.
+ *
+ * A name may be created from a DER encoded string +der+, an Array
+ * representing a +distinguished_name+ or a +distinguished_name+ along with a
+ * +template+.
+ *
+ *   name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
+ *
+ *   name = OpenSSL::X509::Name.new name.to_der
+ *
+ * See add_entry for a description of the +distinguished_name+ Array's
+ * contents
  */
 static VALUE
 ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
@@ -154,6 +167,16 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
 /*
  * call-seq:
  *    name.add_entry(oid, value [, type]) => self
+ *
+ * Adds a new entry with the given +oid+ and +value+ to this name.  The +oid+
+ * is an object identifier defined in ASN.1.  Some common OIDs are:
+ *
+ * C::  Country Name
+ * CN:: Common Name
+ * DC:: Domain Component
+ * O::  Organization Name
+ * OU:: Organizational Unit Name
+ * ST:: State or Province Name
  */
 static
 VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
@@ -167,7 +190,7 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
     if(NIL_P(type)) type = rb_aref(OBJECT_TYPE_TEMPLATE, oid);
     GetX509Name(self, name);
     if (!X509_NAME_add_entry_by_txt(name, RSTRING_PTR(oid), NUM2INT(type),
-		RSTRING_PTR(value), RSTRING_LEN(value), -1, 0)) {
+		(const unsigned char *)RSTRING_PTR(value), RSTRING_LENINT(value), -1, 0)) {
 	ossl_raise(eX509NameError, NULL);
     }
 
@@ -192,7 +215,14 @@ ossl_x509name_to_s_old(VALUE self)
 /*
  * call-seq:
  *    name.to_s => string
- *    name.to_s(integer) => string
+ *    name.to_s(flags) => string
+ *
+ * Returns this name as a Distinguished Name string.  +flags+ may be one of:
+ *
+ * * OpenSSL::X509::Name::COMPAT
+ * * OpenSSL::X509::Name::RFC2253
+ * * OpenSSL::X509::Name::ONELINE
+ * * OpenSSL::X509::Name::MULTILINE
  */
 static VALUE
 ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
@@ -221,17 +251,20 @@ ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
 /*
  * call-seq:
  *    name.to_a => [[name, data, type], ...]
+ *
+ * Returns an Array representation of the distinguished name suitable for
+ * passing to ::new
  */
-static VALUE 
+static VALUE
 ossl_x509name_to_a(VALUE self)
 {
     X509_NAME *name;
     X509_NAME_ENTRY *entry;
-    int i,entries;
+    int i,entries,nid;
     char long_name[512];
     const char *short_name;
-    VALUE ary, ret;
-	
+    VALUE ary, vname, ret;
+
     GetX509Name(self, name);
     entries = X509_NAME_entry_count(name);
     if (entries < 0) {
@@ -246,9 +279,16 @@ ossl_x509name_to_a(VALUE self)
 	if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) {
 	    ossl_raise(eX509NameError, NULL);
 	}
-	short_name = OBJ_nid2sn(OBJ_ln2nid(long_name));
-	ary = rb_ary_new3(3, rb_str_new2(short_name),
-        		  rb_str_new(entry->value->data, entry->value->length),
+	nid = OBJ_ln2nid(long_name);
+	if (nid == NID_undef) {
+	    vname = rb_str_new2((const char *) &long_name);
+	} else {
+	    short_name = OBJ_nid2sn(nid);
+	    vname = rb_str_new2(short_name); /*do not free*/
+	}
+	ary = rb_ary_new3(3,
+			  vname,
+        		  rb_str_new((const char *)entry->value->data, entry->value->length),
         		  INT2FIX(entry->value->type));
 	rb_ary_push(ret, ary);
     }
@@ -266,6 +306,14 @@ ossl_x509name_cmp0(VALUE self, VALUE other)
     return X509_NAME_cmp(name1, name2);
 }
 
+/*
+ * call-seq:
+ *    name.cmp other => integer
+ *    name.<=> other => integer
+ *
+ * Compares this Name with +other+ and returns 0 if they are the same and -1 or
+ * +1 if they are greater or less than each other respectively.
+ */
 static VALUE
 ossl_x509name_cmp(VALUE self, VALUE other)
 {
@@ -278,6 +326,12 @@ ossl_x509name_cmp(VALUE self, VALUE other)
     return INT2FIX(0);
 }
 
+/*
+ * call-seq:
+ *   name.eql? other => boolean
+ *
+ * Returns true if +name+ and +other+ refer to the same hash key.
+ */
 static VALUE
 ossl_x509name_eql(VALUE self, VALUE other)
 {
@@ -292,6 +346,9 @@ ossl_x509name_eql(VALUE self, VALUE other)
 /*
  * call-seq:
  *    name.hash => integer
+ *
+ * The hash value returned is suitable for use as a certificate's filename in
+ * a CA path.
  */
 static VALUE
 ossl_x509name_hash(VALUE self)
@@ -311,7 +368,7 @@ ossl_x509name_hash(VALUE self)
  * call-seq:
  *    name.hash_old => integer
  *
- * hash_old returns MD5 based hash used in OpenSSL 0.9.X.
+ * Returns an MD5 based hash used in OpenSSL 0.9.X.
  */
 static VALUE
 ossl_x509name_hash_old(VALUE self)
@@ -330,6 +387,8 @@ ossl_x509name_hash_old(VALUE self)
 /*
  * call-seq:
  *    name.to_der => string
+ *
+ * Converts the name to DER encoding
  */
 static VALUE
 ossl_x509name_to_der(VALUE self)
@@ -343,7 +402,7 @@ ossl_x509name_to_der(VALUE self)
     if((len = i2d_X509_NAME(name, NULL)) <= 0)
 	ossl_raise(eX509NameError, NULL);
     str = rb_str_new(0, len);
-    p = RSTRING_PTR(str);
+    p = (unsigned char *)RSTRING_PTR(str);
     if(i2d_X509_NAME(name, &p) <= 0)
 	ossl_raise(eX509NameError, NULL);
     ossl_str_adjust(str, p);
@@ -352,9 +411,20 @@ ossl_x509name_to_der(VALUE self)
 }
 
 /*
- * INIT
+ * Document-class: OpenSSL::X509::Name
+ *
+ * An X.509 name represents a hostname, email address or other entity
+ * associated with a public key.
+ *
+ * You can create a Name by parsing a distinguished name String or by
+ * supplying the distinguished name as an Array.
+ *
+ *   name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
+ *
+ *   name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
  */
-void 
+
+void
 Init_ossl_x509name()
 {
     VALUE utf8str, ptrstr, ia5str, hash;
@@ -363,6 +433,8 @@ Init_ossl_x509name()
     eX509NameError = rb_define_class_under(mX509, "NameError", eOSSLError);
     cX509Name = rb_define_class_under(mX509, "Name", rb_cObject);
 
+    rb_include_module(cX509Name, rb_mComparable);
+
     rb_define_alloc_func(cX509Name, ossl_x509name_alloc);
     rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1);
     rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1);
@@ -380,6 +452,11 @@ Init_ossl_x509name()
     utf8str = INT2NUM(V_ASN1_UTF8STRING);
     ptrstr = INT2NUM(V_ASN1_PRINTABLESTRING);
     ia5str = INT2NUM(V_ASN1_IA5STRING);
+
+    /* Document-const: DEFAULT_OBJECT_TYPE
+     *
+     * The default object type for name entries.
+     */
     rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str);
     hash = rb_hash_new();
     rb_funcall(hash, rb_intern("default="), 1, utf8str);
@@ -390,10 +467,43 @@ Init_ossl_x509name()
     rb_hash_aset(hash, rb_str_new2("DC"), ia5str);
     rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
     rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
+
+    /* Document-const: OBJECT_TYPE_TEMPLATE
+     *
+     * The default object type template for name entries.
+     */
     rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash);
 
+    /* Document-const: COMPAT
+     *
+     * A flag for #to_s.
+     *
+     * Breaks the name returned into multiple lines if longer than 80
+     * characters.
+     */
     rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT));
+
+    /* Document-const: RFC2253
+     *
+     * A flag for #to_s.
+     *
+     * Returns an RFC2253 format name.
+     */
     rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253));
+
+    /* Document-const: ONELINE
+     *
+     * A flag for #to_s.
+     *
+     * Returns a more readable format than RFC2253.
+     */
     rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE));
+
+    /* Document-const: MULTILINE
+     *
+     * A flag for #to_s.
+     *
+     * Returns a multiline format.
+     */
     rb_define_const(cX509Name, "MULTILINE", ULONG2NUM(XN_FLAG_MULTILINE));
 }

data/ext/rubysl/openssl/ossl_x509req.c

@@ -1,5 +1,5 @@
 /*
- * $Id: ossl_x509req.c 12496 2007-06-08 15:02:04Z technorama $
+ * $Id$
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -11,20 +11,20 @@
 #include "ossl.h"
 
 #define WrapX509Req(klass, obj, req) do { \
-    if (!req) { \
+    if (!(req)) { \
 	ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
     } \
-    obj = Data_Wrap_Struct(klass, 0, X509_REQ_free, req); \
+    (obj) = Data_Wrap_Struct((klass), 0, X509_REQ_free, (req)); \
 } while (0)
 #define GetX509Req(obj, req) do { \
-    Data_Get_Struct(obj, X509_REQ, req); \
-    if (!req) { \
+    Data_Get_Struct((obj), X509_REQ, (req)); \
+    if (!(req)) { \
 	ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
     } \
 } while (0)
 #define SafeGetX509Req(obj, req) do { \
-    OSSL_Check_Kind(obj, cX509Req); \
-    GetX509Req(obj, req); \
+    OSSL_Check_Kind((obj), cX509Req); \
+    GetX509Req((obj), (req)); \
 } while (0)
 
 /*
@@ -81,7 +81,7 @@ DupX509ReqPtr(VALUE obj)
 /*
  * Private functions
  */
-static VALUE 
+static VALUE
 ossl_x509req_alloc(VALUE klass)
 {
     X509_REQ *req;
@@ -95,11 +95,11 @@ ossl_x509req_alloc(VALUE klass)
     return obj;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
 {
     BIO *in;
-    X509_REQ *req;
+    X509_REQ *req, *x = DATA_PTR(self);
     VALUE arg;
 
     if (rb_scan_args(argc, argv, "01", &arg) == 0) {
@@ -107,10 +107,12 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
     }
     arg = ossl_to_der_if_possible(arg);
     in = ossl_obj2bio(arg);
-    req = PEM_read_bio_X509_REQ(in, (X509_REQ **)&DATA_PTR(self), NULL, NULL);
+    req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
+    DATA_PTR(self) = x;
     if (!req) {
-	BIO_reset(in);
-	req = d2i_X509_REQ_bio(in, (X509_REQ **)&DATA_PTR(self));
+	OSSL_BIO_reset(in);
+	req = d2i_X509_REQ_bio(in, &x);
+	DATA_PTR(self) = x;
     }
     BIO_free(in);
     if (!req) ossl_raise(eX509ReqError, NULL);
@@ -122,7 +124,7 @@ static VALUE
 ossl_x509req_copy(VALUE self, VALUE other)
 {
     X509_REQ *a, *b, *req;
-	
+
     rb_check_frozen(self);
     if (self == other) return self;
     GetX509Req(self, a);
@@ -136,14 +138,14 @@ ossl_x509req_copy(VALUE self, VALUE other)
     return self;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_to_pem(VALUE self)
 {
     X509_REQ *req;
     BIO *out;
     BUF_MEM *buf;
     VALUE str;
-	
+
     GetX509Req(self, req);
     if (!(out = BIO_new(BIO_s_mem()))) {
 	ossl_raise(eX509ReqError, NULL);
@@ -169,9 +171,9 @@ ossl_x509req_to_der(VALUE self)
 
     GetX509Req(self, req);
     if ((len = i2d_X509_REQ(req, NULL)) <= 0)
-	ossl_raise(eX509CertError, NULL);
+	ossl_raise(eX509ReqError, NULL);
     str = rb_str_new(0, len);
-    p = RSTRING_PTR(str);
+    p = (unsigned char *)RSTRING_PTR(str);
     if (i2d_X509_REQ(req, &p) <= 0)
 	ossl_raise(eX509ReqError, NULL);
     ossl_str_adjust(str, p);
@@ -179,7 +181,7 @@ ossl_x509req_to_der(VALUE self)
     return str;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_to_text(VALUE self)
 {
     X509_REQ *req;
@@ -206,12 +208,12 @@ ossl_x509req_to_text(VALUE self)
 /*
  * Makes X509 from X509_REQuest
  */
-static VALUE 
+static VALUE
 ossl_x509req_to_x509(VALUE self, VALUE days, VALUE key)
 {
     X509_REQ *req;
     X509 *x509;
-	
+
     GetX509Req(self, req);
     ...
     if (!(x509 = X509_REQ_to_X509(req, d, pkey))) {
@@ -222,7 +224,7 @@ ossl_x509req_to_x509(VALUE self, VALUE days, VALUE key)
 }
 #endif
 
-static VALUE 
+static VALUE
 ossl_x509req_get_version(VALUE self)
 {
     X509_REQ *req;
@@ -234,7 +236,7 @@ ossl_x509req_get_version(VALUE self)
     return LONG2FIX(version);
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_set_version(VALUE self, VALUE version)
 {
     X509_REQ *req;
@@ -251,7 +253,7 @@ ossl_x509req_set_version(VALUE self, VALUE version)
     return version;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_get_subject(VALUE self)
 {
     X509_REQ *req;
@@ -265,11 +267,11 @@ ossl_x509req_get_subject(VALUE self)
     return ossl_x509name_new(name);
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_set_subject(VALUE self, VALUE subject)
 {
     X509_REQ *req;
-	
+
     GetX509Req(self, req);
     /* DUPs name */
     if (!X509_REQ_set_subject_name(req, GetX509NamePtr(subject))) {
@@ -279,7 +281,7 @@ ossl_x509req_set_subject(VALUE self, VALUE subject)
     return subject;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_get_signature_algorithm(VALUE self)
 {
     X509_REQ *req;
@@ -288,7 +290,7 @@ ossl_x509req_get_signature_algorithm(VALUE self)
     VALUE str;
 
     GetX509Req(self, req);
-	
+
     if (!(out = BIO_new(BIO_s_mem()))) {
 	ossl_raise(eX509ReqError, NULL);
     }
@@ -302,7 +304,7 @@ ossl_x509req_get_signature_algorithm(VALUE self)
     return str;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_get_public_key(VALUE self)
 {
     X509_REQ *req;
@@ -316,7 +318,7 @@ ossl_x509req_get_public_key(VALUE self)
     return ossl_pkey_new(pkey); /* NO DUP - OK */
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_set_public_key(VALUE self, VALUE key)
 {
     X509_REQ *req;
@@ -331,7 +333,7 @@ ossl_x509req_set_public_key(VALUE self, VALUE key)
     return key;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_sign(VALUE self, VALUE key, VALUE digest)
 {
     X509_REQ *req;
@@ -351,7 +353,7 @@ ossl_x509req_sign(VALUE self, VALUE key, VALUE digest)
 /*
  * Checks that cert signature is made with PRIVversion of this PUBLIC 'key'
  */
-static VALUE 
+static VALUE
 ossl_x509req_verify(VALUE self, VALUE key)
 {
     X509_REQ *req;
@@ -370,14 +372,14 @@ ossl_x509req_verify(VALUE self, VALUE key)
     return Qfalse;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_get_attributes(VALUE self)
 {
     X509_REQ *req;
     int count, i;
     X509_ATTRIBUTE *attr;
     VALUE ary;
-	
+
     GetX509Req(self, req);
 
     count = X509_REQ_get_attr_count(req);
@@ -394,7 +396,7 @@ ossl_x509req_get_attributes(VALUE self)
     return ary;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_set_attributes(VALUE self, VALUE ary)
 {
     X509_REQ *req;
@@ -419,7 +421,7 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
     return ary;
 }
 
-static VALUE 
+static VALUE
 ossl_x509req_add_attribute(VALUE self, VALUE attr)
 {
     X509_REQ *req;
@@ -435,17 +437,17 @@ ossl_x509req_add_attribute(VALUE self, VALUE attr)
 /*
  * X509_REQUEST init
  */
-void 
+void
 Init_ossl_x509req()
 {
     eX509ReqError = rb_define_class_under(mX509, "RequestError", eOSSLError);
-	
+
     cX509Req = rb_define_class_under(mX509, "Request", rb_cObject);
-	
+
     rb_define_alloc_func(cX509Req, ossl_x509req_alloc);
     rb_define_method(cX509Req, "initialize", ossl_x509req_initialize, -1);
     rb_define_copy_func(cX509Req, ossl_x509req_copy);
-	
+
     rb_define_method(cX509Req, "to_pem", ossl_x509req_to_pem, 0);
     rb_define_method(cX509Req, "to_der", ossl_x509req_to_der, 0);
     rb_define_alias(cX509Req, "to_s", "to_pem");