rubysl-openssl 2.10 → 2.11
- checksums.yaml +5 -5
- data/ext/rubysl/openssl/deprecation.rb +7 -3
- data/ext/rubysl/openssl/extconf.rb +148 -103
- data/ext/rubysl/openssl/openssl_missing.c +94 -275
- data/ext/rubysl/openssl/openssl_missing.h +167 -98
- data/ext/rubysl/openssl/ossl.c +266 -212
- data/ext/rubysl/openssl/ossl.h +27 -89
- data/ext/rubysl/openssl/ossl_asn1.c +157 -221
- data/ext/rubysl/openssl/ossl_asn1.h +11 -3
- data/ext/rubysl/openssl/ossl_bio.c +10 -40
- data/ext/rubysl/openssl/ossl_bio.h +1 -2
- data/ext/rubysl/openssl/ossl_bn.c +144 -100
- data/ext/rubysl/openssl/ossl_bn.h +3 -1
- data/ext/rubysl/openssl/ossl_cipher.c +270 -195
- data/ext/rubysl/openssl/ossl_config.c +7 -1
- data/ext/rubysl/openssl/ossl_config.h +0 -1
- data/ext/rubysl/openssl/ossl_digest.c +40 -29
- data/ext/rubysl/openssl/ossl_engine.c +23 -62
- data/ext/rubysl/openssl/ossl_hmac.c +82 -55
- data/ext/rubysl/openssl/ossl_ns_spki.c +22 -22
- data/ext/rubysl/openssl/ossl_ocsp.c +894 -144
- data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
- data/ext/rubysl/openssl/ossl_pkcs12.c +47 -19
- data/ext/rubysl/openssl/ossl_pkcs5.c +7 -15
- data/ext/rubysl/openssl/ossl_pkcs7.c +38 -15
- data/ext/rubysl/openssl/ossl_pkey.c +151 -99
- data/ext/rubysl/openssl/ossl_pkey.h +123 -29
- data/ext/rubysl/openssl/ossl_pkey_dh.c +143 -92
- data/ext/rubysl/openssl/ossl_pkey_dsa.c +149 -104
- data/ext/rubysl/openssl/ossl_pkey_ec.c +646 -524
- data/ext/rubysl/openssl/ossl_pkey_rsa.c +180 -121
- data/ext/rubysl/openssl/ossl_rand.c +25 -21
- data/ext/rubysl/openssl/ossl_ssl.c +795 -413
- data/ext/rubysl/openssl/ossl_ssl.h +3 -0
- data/ext/rubysl/openssl/ossl_ssl_session.c +83 -77
- data/ext/rubysl/openssl/ossl_version.h +1 -1
- data/ext/rubysl/openssl/ossl_x509.c +92 -8
- data/ext/rubysl/openssl/ossl_x509.h +14 -5
- data/ext/rubysl/openssl/ossl_x509attr.c +77 -41
- data/ext/rubysl/openssl/ossl_x509cert.c +45 -46
- data/ext/rubysl/openssl/ossl_x509crl.c +51 -57
- data/ext/rubysl/openssl/ossl_x509ext.c +39 -33
- data/ext/rubysl/openssl/ossl_x509name.c +68 -45
- data/ext/rubysl/openssl/ossl_x509req.c +32 -38
- data/ext/rubysl/openssl/ossl_x509revoked.c +43 -9
- data/ext/rubysl/openssl/ossl_x509store.c +309 -104
- data/ext/rubysl/openssl/ruby_missing.h +8 -6
- data/lib/openssl/buffering.rb +11 -5
- data/lib/openssl/cipher.rb +23 -15
- data/lib/openssl/digest.rb +7 -10
- data/lib/openssl/pkey.rb +15 -8
- data/lib/openssl/ssl.rb +81 -105
- data/lib/rubysl/openssl.rb +1 -4
- data/lib/rubysl/openssl/version.rb +1 -1
- metadata +3 -4
@@ -95,19 +95,6 @@ GetX509ExtPtr(VALUE obj)
|
|
95
95
|
return ext;
|
96
96
|
}
|
97
97
|
|
98
|
-
X509_EXTENSION *
|
99
|
-
DupX509ExtPtr(VALUE obj)
|
100
|
-
{
|
101
|
-
X509_EXTENSION *ext, *new;
|
102
|
-
|
103
|
-
SafeGetX509Ext(obj, ext);
|
104
|
-
if (!(new = X509_EXTENSION_dup(ext))) {
|
105
|
-
ossl_raise(eX509ExtError, NULL);
|
106
|
-
}
|
107
|
-
|
108
|
-
return new;
|
109
|
-
}
|
110
|
-
|
111
98
|
/*
|
112
99
|
* Private
|
113
100
|
*/
|
@@ -211,12 +198,11 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
|
|
211
198
|
}
|
212
199
|
|
213
200
|
/*
|
214
|
-
*
|
215
|
-
*
|
216
|
-
*
|
217
|
-
*
|
218
|
-
*
|
219
|
-
* ["ln", "value"] => not critical
|
201
|
+
* call-seq:
|
202
|
+
* ef.create_ext(ln_or_sn, "value", critical = false) -> X509::Extension
|
203
|
+
* ef.create_ext(ln_or_sn, "critical,value") -> X509::Extension
|
204
|
+
*
|
205
|
+
* Creates a new X509::Extension with passed values. See also x509v3_config(5).
|
220
206
|
*/
|
221
207
|
static VALUE
|
222
208
|
ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
|
@@ -225,39 +211,32 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
|
|
225
211
|
X509_EXTENSION *ext;
|
226
212
|
VALUE oid, value, critical, valstr, obj;
|
227
213
|
int nid;
|
228
|
-
#ifdef HAVE_X509V3_EXT_NCONF_NID
|
229
214
|
VALUE rconf;
|
230
215
|
CONF *conf;
|
231
|
-
#else
|
232
|
-
static LHASH *empty_lhash;
|
233
|
-
#endif
|
234
216
|
|
235
217
|
rb_scan_args(argc, argv, "21", &oid, &value, &critical);
|
236
|
-
|
218
|
+
StringValueCStr(oid);
|
237
219
|
StringValue(value);
|
238
220
|
if(NIL_P(critical)) critical = Qfalse;
|
239
221
|
|
240
222
|
nid = OBJ_ln2nid(RSTRING_PTR(oid));
|
241
223
|
if(!nid) nid = OBJ_sn2nid(RSTRING_PTR(oid));
|
242
|
-
if(!nid) ossl_raise(eX509ExtError, "unknown OID `%
|
224
|
+
if(!nid) ossl_raise(eX509ExtError, "unknown OID `%"PRIsVALUE"'", oid);
|
225
|
+
|
243
226
|
valstr = rb_str_new2(RTEST(critical) ? "critical," : "");
|
244
227
|
rb_str_append(valstr, value);
|
228
|
+
StringValueCStr(valstr);
|
229
|
+
|
245
230
|
GetX509ExtFactory(self, ctx);
|
246
231
|
obj = NewX509Ext(cX509Ext);
|
247
|
-
#ifdef HAVE_X509V3_EXT_NCONF_NID
|
248
232
|
rconf = rb_iv_get(self, "@config");
|
249
233
|
conf = NIL_P(rconf) ? NULL : DupConfigPtr(rconf);
|
250
234
|
X509V3_set_nconf(ctx, conf);
|
251
235
|
ext = X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr));
|
252
236
|
X509V3_set_ctx_nodb(ctx);
|
253
237
|
NCONF_free(conf);
|
254
|
-
#else
|
255
|
-
if (!empty_lhash) empty_lhash = lh_new(NULL, NULL);
|
256
|
-
ext = X509V3_EXT_conf_nid(empty_lhash, ctx, nid, RSTRING_PTR(valstr));
|
257
|
-
#endif
|
258
238
|
if (!ext){
|
259
|
-
ossl_raise(eX509ExtError, "%
|
260
|
-
RSTRING_PTR(oid), RSTRING_PTR(value));
|
239
|
+
ossl_raise(eX509ExtError, "%"PRIsVALUE" = %"PRIsVALUE, oid, valstr);
|
261
240
|
}
|
262
241
|
SetX509Ext(obj, ext);
|
263
242
|
|
@@ -319,6 +298,25 @@ ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
|
|
319
298
|
return self;
|
320
299
|
}
|
321
300
|
|
301
|
+
static VALUE
|
302
|
+
ossl_x509ext_initialize_copy(VALUE self, VALUE other)
|
303
|
+
{
|
304
|
+
X509_EXTENSION *ext, *ext_other, *ext_new;
|
305
|
+
|
306
|
+
rb_check_frozen(self);
|
307
|
+
GetX509Ext(self, ext);
|
308
|
+
SafeGetX509Ext(other, ext_other);
|
309
|
+
|
310
|
+
ext_new = X509_EXTENSION_dup(ext_other);
|
311
|
+
if (!ext_new)
|
312
|
+
ossl_raise(eX509ExtError, "X509_EXTENSION_dup");
|
313
|
+
|
314
|
+
SetX509Ext(self, ext_new);
|
315
|
+
X509_EXTENSION_free(ext);
|
316
|
+
|
317
|
+
return self;
|
318
|
+
}
|
319
|
+
|
322
320
|
static VALUE
|
323
321
|
ossl_x509ext_set_oid(VALUE self, VALUE oid)
|
324
322
|
{
|
@@ -402,7 +400,7 @@ ossl_x509ext_get_value(VALUE obj)
|
|
402
400
|
if (!(out = BIO_new(BIO_s_mem())))
|
403
401
|
ossl_raise(eX509ExtError, NULL);
|
404
402
|
if (!X509V3_EXT_print(out, ext, 0, 0))
|
405
|
-
|
403
|
+
ASN1_STRING_print(out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));
|
406
404
|
ret = ossl_membio2str(out);
|
407
405
|
|
408
406
|
return ret;
|
@@ -443,6 +441,13 @@ ossl_x509ext_to_der(VALUE obj)
|
|
443
441
|
void
|
444
442
|
Init_ossl_x509ext(void)
|
445
443
|
{
|
444
|
+
#undef rb_intern
|
445
|
+
#if 0
|
446
|
+
mOSSL = rb_define_module("OpenSSL");
|
447
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
448
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
449
|
+
#endif
|
450
|
+
|
446
451
|
eX509ExtError = rb_define_class_under(mX509, "ExtensionError", eOSSLError);
|
447
452
|
|
448
453
|
cX509ExtFactory = rb_define_class_under(mX509, "ExtensionFactory", rb_cObject);
|
@@ -465,6 +470,7 @@ Init_ossl_x509ext(void)
|
|
465
470
|
cX509Ext = rb_define_class_under(mX509, "Extension", rb_cObject);
|
466
471
|
rb_define_alloc_func(cX509Ext, ossl_x509ext_alloc);
|
467
472
|
rb_define_method(cX509Ext, "initialize", ossl_x509ext_initialize, -1);
|
473
|
+
rb_define_copy_func(cX509Ext, ossl_x509ext_initialize_copy);
|
468
474
|
rb_define_method(cX509Ext, "oid=", ossl_x509ext_set_oid, 1);
|
469
475
|
rb_define_method(cX509Ext, "value=", ossl_x509ext_set_value, 1);
|
470
476
|
rb_define_method(cX509Ext, "critical=", ossl_x509ext_set_critical, 1);
|
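Review bot: In ossl_x509ext_get_value the fallback `ASN1_STRING_print(out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));` discards its return value, so when X509V3_EXT_print fails and the raw print fails as well, the method returns whatever is in the BIO (possibly an empty string) instead of raising. Callers that make decisions based on an extension's value are better served by an error. Combine the two calls: `if (!X509V3_EXT_print(out, ext, 0, 0) && !ASN1_STRING_print(out, (ASN1_STRING *)X509_EXTENSION_get_data(ext))) {` followed by `BIO_free(out); ossl_raise(eX509ExtError, "ASN1_STRING_print"); }`. The function's start and end are outside the hunk, so this assumes nothing else frees `out` before ossl_membio2str.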
@@ -181,6 +181,25 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
|
|
181
181
|
return self;
|
182
182
|
}
|
183
183
|
|
184
|
+
static VALUE
|
185
|
+
ossl_x509name_initialize_copy(VALUE self, VALUE other)
|
186
|
+
{
|
187
|
+
X509_NAME *name, *name_other, *name_new;
|
188
|
+
|
189
|
+
rb_check_frozen(self);
|
190
|
+
GetX509Name(self, name);
|
191
|
+
SafeGetX509Name(other, name_other);
|
192
|
+
|
193
|
+
name_new = X509_NAME_dup(name_other);
|
194
|
+
if (!name_new)
|
195
|
+
ossl_raise(eX509NameError, "X509_NAME_dup");
|
196
|
+
|
197
|
+
SetX509Name(self, name_new);
|
198
|
+
X509_NAME_free(name);
|
199
|
+
|
200
|
+
return self;
|
201
|
+
}
|
202
|
+
|
184
203
|
/*
|
185
204
|
* call-seq:
|
186
205
|
* name.add_entry(oid, value [, type]) => self
|
@@ -220,14 +239,31 @@ ossl_x509name_to_s_old(VALUE self)
|
|
220
239
|
{
|
221
240
|
X509_NAME *name;
|
222
241
|
char *buf;
|
223
|
-
VALUE str;
|
224
242
|
|
225
243
|
GetX509Name(self, name);
|
226
244
|
buf = X509_NAME_oneline(name, NULL, 0);
|
227
|
-
|
228
|
-
|
245
|
+
if (!buf)
|
246
|
+
ossl_raise(eX509NameError, "X509_NAME_oneline");
|
247
|
+
return ossl_buf2str(buf, rb_long2int(strlen(buf)));
|
248
|
+
}
|
229
249
|
|
230
|
-
|
250
|
+
static VALUE
|
251
|
+
x509name_print(VALUE self, unsigned long iflag)
|
252
|
+
{
|
253
|
+
X509_NAME *name;
|
254
|
+
BIO *out;
|
255
|
+
int ret;
|
256
|
+
|
257
|
+
GetX509Name(self, name);
|
258
|
+
out = BIO_new(BIO_s_mem());
|
259
|
+
if (!out)
|
260
|
+
ossl_raise(eX509NameError, NULL);
|
261
|
+
ret = X509_NAME_print_ex(out, name, 0, iflag);
|
262
|
+
if (ret < 0 || iflag == XN_FLAG_COMPAT && ret == 0) {
|
263
|
+
BIO_free(out);
|
264
|
+
ossl_raise(eX509NameError, "X509_NAME_print_ex");
|
265
|
+
}
|
266
|
+
return ossl_membio2str(out);
|
231
267
|
}
|
232
268
|
|
233
269
|
/*
|
@@ -245,25 +281,12 @@ ossl_x509name_to_s_old(VALUE self)
|
|
245
281
|
static VALUE
|
246
282
|
ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
|
247
283
|
{
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
unsigned long iflag;
|
252
|
-
|
253
|
-
rb_scan_args(argc, argv, "01", &flag);
|
254
|
-
if (NIL_P(flag))
|
284
|
+
rb_check_arity(argc, 0, 1);
|
285
|
+
/* name.to_s(nil) was allowed */
|
286
|
+
if (!argc || NIL_P(argv[0]))
|
255
287
|
return ossl_x509name_to_s_old(self);
|
256
|
-
else
|
257
|
-
|
258
|
-
ossl_raise(eX509NameError, NULL);
|
259
|
-
GetX509Name(self, name);
|
260
|
-
if (!X509_NAME_print_ex(out, name, 0, iflag)){
|
261
|
-
BIO_free(out);
|
262
|
-
ossl_raise(eX509NameError, NULL);
|
263
|
-
}
|
264
|
-
str = ossl_membio2str(out);
|
265
|
-
|
266
|
-
return str;
|
288
|
+
else
|
289
|
+
return x509name_print(self, NUM2ULONG(argv[0]));
|
267
290
|
}
|
268
291
|
|
269
292
|
/*
|
@@ -282,6 +305,7 @@ ossl_x509name_to_a(VALUE self)
|
|
282
305
|
char long_name[512];
|
283
306
|
const char *short_name;
|
284
307
|
VALUE ary, vname, ret;
|
308
|
+
ASN1_STRING *value;
|
285
309
|
|
286
310
|
GetX509Name(self, name);
|
287
311
|
entries = X509_NAME_entry_count(name);
|
@@ -294,7 +318,8 @@ ossl_x509name_to_a(VALUE self)
|
|
294
318
|
if (!(entry = X509_NAME_get_entry(name, i))) {
|
295
319
|
ossl_raise(eX509NameError, NULL);
|
296
320
|
}
|
297
|
-
if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
|
321
|
+
if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
|
322
|
+
X509_NAME_ENTRY_get_object(entry))) {
|
298
323
|
ossl_raise(eX509NameError, NULL);
|
299
324
|
}
|
300
325
|
nid = OBJ_ln2nid(long_name);
|
@@ -304,10 +329,8 @@ ossl_x509name_to_a(VALUE self)
|
|
304
329
|
short_name = OBJ_nid2sn(nid);
|
305
330
|
vname = rb_str_new2(short_name); /*do not free*/
|
306
331
|
}
|
307
|
-
|
308
|
-
|
309
|
-
rb_str_new((const char *)entry->value->data, entry->value->length),
|
310
|
-
INT2FIX(entry->value->type));
|
332
|
+
value = X509_NAME_ENTRY_get_data(entry);
|
333
|
+
ary = rb_ary_new3(3, vname, asn1str_to_str(value), INT2NUM(value->type));
|
311
334
|
rb_ary_push(ret, ary);
|
312
335
|
}
|
313
336
|
return ret;
|
@@ -339,7 +362,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
|
|
339
362
|
|
340
363
|
result = ossl_x509name_cmp0(self, other);
|
341
364
|
if (result < 0) return INT2FIX(-1);
|
342
|
-
if (result >
|
365
|
+
if (result > 0) return INT2FIX(1);
|
343
366
|
|
344
367
|
return INT2FIX(0);
|
345
368
|
}
|
@@ -353,12 +376,10 @@ ossl_x509name_cmp(VALUE self, VALUE other)
|
|
353
376
|
static VALUE
|
354
377
|
ossl_x509name_eql(VALUE self, VALUE other)
|
355
378
|
{
|
356
|
-
|
379
|
+
if (!rb_obj_is_kind_of(other, cX509Name))
|
380
|
+
return Qfalse;
|
357
381
|
|
358
|
-
|
359
|
-
result = ossl_x509name_cmp0(self, other);
|
360
|
-
|
361
|
-
return (result == 0) ? Qtrue : Qfalse;
|
382
|
+
return ossl_x509name_cmp0(self, other) == 0 ? Qtrue : Qfalse;
|
362
383
|
}
|
363
384
|
|
364
385
|
/*
|
@@ -445,8 +466,15 @@ ossl_x509name_to_der(VALUE self)
|
|
445
466
|
void
|
446
467
|
Init_ossl_x509name(void)
|
447
468
|
{
|
469
|
+
#undef rb_intern
|
448
470
|
VALUE utf8str, ptrstr, ia5str, hash;
|
449
471
|
|
472
|
+
#if 0
|
473
|
+
mOSSL = rb_define_module("OpenSSL");
|
474
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
475
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
476
|
+
#endif
|
477
|
+
|
450
478
|
id_aref = rb_intern("[]");
|
451
479
|
eX509NameError = rb_define_class_under(mX509, "NameError", eOSSLError);
|
452
480
|
cX509Name = rb_define_class_under(mX509, "Name", rb_cObject);
|
@@ -455,6 +483,7 @@ Init_ossl_x509name(void)
|
|
455
483
|
|
456
484
|
rb_define_alloc_func(cX509Name, ossl_x509name_alloc);
|
457
485
|
rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1);
|
486
|
+
rb_define_copy_func(cX509Name, ossl_x509name_initialize_copy);
|
458
487
|
rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1);
|
459
488
|
rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, -1);
|
460
489
|
rb_define_method(cX509Name, "to_a", ossl_x509name_to_a, 0);
|
@@ -471,8 +500,7 @@ Init_ossl_x509name(void)
|
|
471
500
|
ptrstr = INT2NUM(V_ASN1_PRINTABLESTRING);
|
472
501
|
ia5str = INT2NUM(V_ASN1_IA5STRING);
|
473
502
|
|
474
|
-
/*
|
475
|
-
*
|
503
|
+
/*
|
476
504
|
* The default object type for name entries.
|
477
505
|
*/
|
478
506
|
rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str);
|
@@ -486,14 +514,12 @@ Init_ossl_x509name(void)
|
|
486
514
|
rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
|
487
515
|
rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
|
488
516
|
|
489
|
-
/*
|
490
|
-
*
|
517
|
+
/*
|
491
518
|
* The default object type template for name entries.
|
492
519
|
*/
|
493
520
|
rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash);
|
494
521
|
|
495
|
-
/*
|
496
|
-
*
|
522
|
+
/*
|
497
523
|
* A flag for #to_s.
|
498
524
|
*
|
499
525
|
* Breaks the name returned into multiple lines if longer than 80
|
@@ -501,24 +527,21 @@ Init_ossl_x509name(void)
|
|
501
527
|
*/
|
502
528
|
rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT));
|
503
529
|
|
504
|
-
/*
|
505
|
-
*
|
530
|
+
/*
|
506
531
|
* A flag for #to_s.
|
507
532
|
*
|
508
533
|
* Returns an RFC2253 format name.
|
509
534
|
*/
|
510
535
|
rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253));
|
511
536
|
|
512
|
-
/*
|
513
|
-
*
|
537
|
+
/*
|
514
538
|
* A flag for #to_s.
|
515
539
|
*
|
516
540
|
* Returns a more readable format than RFC2253.
|
517
541
|
*/
|
518
542
|
rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE));
|
519
543
|
|
520
|
-
/*
|
521
|
-
*
|
544
|
+
/*
|
522
545
|
* A flag for #to_s.
|
523
546
|
*
|
524
547
|
* Returns a multiline format.
|
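Review bot: The failure test in x509name_print, `if (ret < 0 || iflag == XN_FLAG_COMPAT && ret == 0) {`, mixes `||` and `&&` without parentheses and gives no reason why XN_FLAG_COMPAT is treated differently. Precedence makes it evaluate as intended, but it triggers -Wparentheses warnings and is easy to misread; write it as `if (ret < 0 || (iflag == XN_FLAG_COMPAT && ret == 0)) {`. A one-line comment above it would help, for example `/* with XN_FLAG_COMPAT, X509_NAME_print_ex() reports failure as 0 rather than a negative value */`. That wording reflects my understanding of the OpenSSL behaviour and should be confirmed against the version being built.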
@@ -123,7 +123,7 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
|
|
123
123
|
return self;
|
124
124
|
}
|
125
125
|
arg = ossl_to_der_if_possible(arg);
|
126
|
-
in = ossl_obj2bio(arg);
|
126
|
+
in = ossl_obj2bio(&arg);
|
127
127
|
req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
|
128
128
|
DATA_PTR(self) = x;
|
129
129
|
if (!req) {
|
@@ -160,8 +160,6 @@ ossl_x509req_to_pem(VALUE self)
|
|
160
160
|
{
|
161
161
|
X509_REQ *req;
|
162
162
|
BIO *out;
|
163
|
-
BUF_MEM *buf;
|
164
|
-
VALUE str;
|
165
163
|
|
166
164
|
GetX509Req(self, req);
|
167
165
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
@@ -171,11 +169,8 @@ ossl_x509req_to_pem(VALUE self)
|
|
171
169
|
BIO_free(out);
|
172
170
|
ossl_raise(eX509ReqError, NULL);
|
173
171
|
}
|
174
|
-
BIO_get_mem_ptr(out, &buf);
|
175
|
-
str = rb_str_new(buf->data, buf->length);
|
176
|
-
BIO_free(out);
|
177
172
|
|
178
|
-
return
|
173
|
+
return ossl_membio2str(out);
|
179
174
|
}
|
180
175
|
|
181
176
|
static VALUE
|
@@ -203,8 +198,6 @@ ossl_x509req_to_text(VALUE self)
|
|
203
198
|
{
|
204
199
|
X509_REQ *req;
|
205
200
|
BIO *out;
|
206
|
-
BUF_MEM *buf;
|
207
|
-
VALUE str;
|
208
201
|
|
209
202
|
GetX509Req(self, req);
|
210
203
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
@@ -214,11 +207,8 @@ ossl_x509req_to_text(VALUE self)
|
|
214
207
|
BIO_free(out);
|
215
208
|
ossl_raise(eX509ReqError, NULL);
|
216
209
|
}
|
217
|
-
BIO_get_mem_ptr(out, &buf);
|
218
|
-
str = rb_str_new(buf->data, buf->length);
|
219
|
-
BIO_free(out);
|
220
210
|
|
221
|
-
return
|
211
|
+
return ossl_membio2str(out);
|
222
212
|
}
|
223
213
|
|
224
214
|
#if 0
|
@@ -250,7 +240,7 @@ ossl_x509req_get_version(VALUE self)
|
|
250
240
|
GetX509Req(self, req);
|
251
241
|
version = X509_REQ_get_version(req);
|
252
242
|
|
253
|
-
return
|
243
|
+
return LONG2NUM(version);
|
254
244
|
}
|
255
245
|
|
256
246
|
static VALUE
|
@@ -259,12 +249,12 @@ ossl_x509req_set_version(VALUE self, VALUE version)
|
|
259
249
|
X509_REQ *req;
|
260
250
|
long ver;
|
261
251
|
|
262
|
-
if ((ver =
|
252
|
+
if ((ver = NUM2LONG(version)) < 0) {
|
263
253
|
ossl_raise(eX509ReqError, "version must be >= 0!");
|
264
254
|
}
|
265
255
|
GetX509Req(self, req);
|
266
256
|
if (!X509_REQ_set_version(req, ver)) {
|
267
|
-
ossl_raise(eX509ReqError,
|
257
|
+
ossl_raise(eX509ReqError, "X509_REQ_set_version");
|
268
258
|
}
|
269
259
|
|
270
260
|
return version;
|
@@ -302,23 +292,21 @@ static VALUE
|
|
302
292
|
ossl_x509req_get_signature_algorithm(VALUE self)
|
303
293
|
{
|
304
294
|
X509_REQ *req;
|
295
|
+
const X509_ALGOR *alg;
|
305
296
|
BIO *out;
|
306
|
-
BUF_MEM *buf;
|
307
|
-
VALUE str;
|
308
297
|
|
309
298
|
GetX509Req(self, req);
|
310
299
|
|
311
300
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
312
301
|
ossl_raise(eX509ReqError, NULL);
|
313
302
|
}
|
314
|
-
|
303
|
+
X509_REQ_get0_signature(req, NULL, &alg);
|
304
|
+
if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
|
315
305
|
BIO_free(out);
|
316
306
|
ossl_raise(eX509ReqError, NULL);
|
317
307
|
}
|
318
|
-
|
319
|
-
|
320
|
-
BIO_free(out);
|
321
|
-
return str;
|
308
|
+
|
309
|
+
return ossl_membio2str(out);
|
322
310
|
}
|
323
311
|
|
324
312
|
static VALUE
|
@@ -342,11 +330,10 @@ ossl_x509req_set_public_key(VALUE self, VALUE key)
|
|
342
330
|
EVP_PKEY *pkey;
|
343
331
|
|
344
332
|
GetX509Req(self, req);
|
345
|
-
pkey = GetPKeyPtr(key);
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
333
|
+
pkey = GetPKeyPtr(key);
|
334
|
+
ossl_pkey_check_public_key(pkey);
|
335
|
+
if (!X509_REQ_set_pubkey(req, pkey))
|
336
|
+
ossl_raise(eX509ReqError, "X509_REQ_set_pubkey");
|
350
337
|
return key;
|
351
338
|
}
|
352
339
|
|
@@ -375,18 +362,19 @@ ossl_x509req_verify(VALUE self, VALUE key)
|
|
375
362
|
{
|
376
363
|
X509_REQ *req;
|
377
364
|
EVP_PKEY *pkey;
|
378
|
-
int i;
|
379
365
|
|
380
366
|
GetX509Req(self, req);
|
381
|
-
pkey = GetPKeyPtr(key);
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
if (i > 0) {
|
367
|
+
pkey = GetPKeyPtr(key);
|
368
|
+
ossl_pkey_check_public_key(pkey);
|
369
|
+
switch (X509_REQ_verify(req, pkey)) {
|
370
|
+
case 1:
|
386
371
|
return Qtrue;
|
372
|
+
case 0:
|
373
|
+
ossl_clear_error();
|
374
|
+
return Qfalse;
|
375
|
+
default:
|
376
|
+
ossl_raise(eX509ReqError, NULL);
|
387
377
|
}
|
388
|
-
|
389
|
-
return Qfalse;
|
390
378
|
}
|
391
379
|
|
392
380
|
static VALUE
|
@@ -426,8 +414,8 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
|
|
426
414
|
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
|
427
415
|
}
|
428
416
|
GetX509Req(self, req);
|
429
|
-
|
430
|
-
|
417
|
+
while ((attr = X509_REQ_delete_attr(req, 0)))
|
418
|
+
X509_ATTRIBUTE_free(attr);
|
431
419
|
for (i=0;i<RARRAY_LEN(ary); i++) {
|
432
420
|
item = RARRAY_AREF(ary, i);
|
433
421
|
attr = GetX509AttrPtr(item);
|
@@ -457,6 +445,12 @@ ossl_x509req_add_attribute(VALUE self, VALUE attr)
|
|
457
445
|
void
|
458
446
|
Init_ossl_x509req(void)
|
459
447
|
{
|
448
|
+
#if 0
|
449
|
+
mOSSL = rb_define_module("OpenSSL");
|
450
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
451
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
452
|
+
#endif
|
453
|
+
|
460
454
|
eX509ReqError = rb_define_class_under(mX509, "RequestError", eOSSLError);
|
461
455
|
|
462
456
|
cX509Req = rb_define_class_under(mX509, "Request", rb_cObject);
|
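Review bot: In ossl_x509req_set_attributes the new `while ((attr = X509_REQ_delete_attr(req, 0))) X509_ATTRIBUTE_free(attr);` empties the request before the loop below it re-adds the caller's attributes, so the replacement is not atomic. The elements are kind-checked up front with OSSL_Check_Kind, but if the add call (outside this hunk) fails part-way and raises, the request keeps only some of the new attributes and none of the old ones. If that is acceptable, say so above the loop, e.g. `/* replaces all attributes; if adding fails the request may be left with a partial set */`. Otherwise build the new attribute stack first and swap it in only after every add has succeeded.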