rubysl-openssl 2.10 → 2.11
- checksums.yaml +5 -5
- data/ext/rubysl/openssl/deprecation.rb +7 -3
- data/ext/rubysl/openssl/extconf.rb +148 -103
- data/ext/rubysl/openssl/openssl_missing.c +94 -275
- data/ext/rubysl/openssl/openssl_missing.h +167 -98
- data/ext/rubysl/openssl/ossl.c +266 -212
- data/ext/rubysl/openssl/ossl.h +27 -89
- data/ext/rubysl/openssl/ossl_asn1.c +157 -221
- data/ext/rubysl/openssl/ossl_asn1.h +11 -3
- data/ext/rubysl/openssl/ossl_bio.c +10 -40
- data/ext/rubysl/openssl/ossl_bio.h +1 -2
- data/ext/rubysl/openssl/ossl_bn.c +144 -100
- data/ext/rubysl/openssl/ossl_bn.h +3 -1
- data/ext/rubysl/openssl/ossl_cipher.c +270 -195
- data/ext/rubysl/openssl/ossl_config.c +7 -1
- data/ext/rubysl/openssl/ossl_config.h +0 -1
- data/ext/rubysl/openssl/ossl_digest.c +40 -29
- data/ext/rubysl/openssl/ossl_engine.c +23 -62
- data/ext/rubysl/openssl/ossl_hmac.c +82 -55
- data/ext/rubysl/openssl/ossl_ns_spki.c +22 -22
- data/ext/rubysl/openssl/ossl_ocsp.c +894 -144
- data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
- data/ext/rubysl/openssl/ossl_pkcs12.c +47 -19
- data/ext/rubysl/openssl/ossl_pkcs5.c +7 -15
- data/ext/rubysl/openssl/ossl_pkcs7.c +38 -15
- data/ext/rubysl/openssl/ossl_pkey.c +151 -99
- data/ext/rubysl/openssl/ossl_pkey.h +123 -29
- data/ext/rubysl/openssl/ossl_pkey_dh.c +143 -92
- data/ext/rubysl/openssl/ossl_pkey_dsa.c +149 -104
- data/ext/rubysl/openssl/ossl_pkey_ec.c +646 -524
- data/ext/rubysl/openssl/ossl_pkey_rsa.c +180 -121
- data/ext/rubysl/openssl/ossl_rand.c +25 -21
- data/ext/rubysl/openssl/ossl_ssl.c +795 -413
- data/ext/rubysl/openssl/ossl_ssl.h +3 -0
- data/ext/rubysl/openssl/ossl_ssl_session.c +83 -77
- data/ext/rubysl/openssl/ossl_version.h +1 -1
- data/ext/rubysl/openssl/ossl_x509.c +92 -8
- data/ext/rubysl/openssl/ossl_x509.h +14 -5
- data/ext/rubysl/openssl/ossl_x509attr.c +77 -41
- data/ext/rubysl/openssl/ossl_x509cert.c +45 -46
- data/ext/rubysl/openssl/ossl_x509crl.c +51 -57
- data/ext/rubysl/openssl/ossl_x509ext.c +39 -33
- data/ext/rubysl/openssl/ossl_x509name.c +68 -45
- data/ext/rubysl/openssl/ossl_x509req.c +32 -38
- data/ext/rubysl/openssl/ossl_x509revoked.c +43 -9
- data/ext/rubysl/openssl/ossl_x509store.c +309 -104
- data/ext/rubysl/openssl/ruby_missing.h +8 -6
- data/lib/openssl/buffering.rb +11 -5
- data/lib/openssl/cipher.rb +23 -15
- data/lib/openssl/digest.rb +7 -10
- data/lib/openssl/pkey.rb +15 -8
- data/lib/openssl/ssl.rb +81 -105
- data/lib/rubysl/openssl.rb +1 -4
- data/lib/rubysl/openssl/version.rb +1 -1
- metadata +3 -4
@@ -95,19 +95,6 @@ GetX509ExtPtr(VALUE obj)
|
|
95
95
|
return ext;
|
96
96
|
}
|
97
97
|
|
98
|
-
X509_EXTENSION *
|
99
|
-
DupX509ExtPtr(VALUE obj)
|
100
|
-
{
|
101
|
-
X509_EXTENSION *ext, *new;
|
102
|
-
|
103
|
-
SafeGetX509Ext(obj, ext);
|
104
|
-
if (!(new = X509_EXTENSION_dup(ext))) {
|
105
|
-
ossl_raise(eX509ExtError, NULL);
|
106
|
-
}
|
107
|
-
|
108
|
-
return new;
|
109
|
-
}
|
110
|
-
|
111
98
|
/*
|
112
99
|
* Private
|
113
100
|
*/
|
@@ -211,12 +198,11 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
|
|
211
198
|
}
|
212
199
|
|
213
200
|
/*
|
214
|
-
*
|
215
|
-
*
|
216
|
-
*
|
217
|
-
*
|
218
|
-
*
|
219
|
-
* ["ln", "value"] => not critical
|
201
|
+
* call-seq:
|
202
|
+
* ef.create_ext(ln_or_sn, "value", critical = false) -> X509::Extension
|
203
|
+
* ef.create_ext(ln_or_sn, "critical,value") -> X509::Extension
|
204
|
+
*
|
205
|
+
* Creates a new X509::Extension with passed values. See also x509v3_config(5).
|
220
206
|
*/
|
221
207
|
static VALUE
|
222
208
|
ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
|
@@ -225,39 +211,32 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
|
|
225
211
|
X509_EXTENSION *ext;
|
226
212
|
VALUE oid, value, critical, valstr, obj;
|
227
213
|
int nid;
|
228
|
-
#ifdef HAVE_X509V3_EXT_NCONF_NID
|
229
214
|
VALUE rconf;
|
230
215
|
CONF *conf;
|
231
|
-
#else
|
232
|
-
static LHASH *empty_lhash;
|
233
|
-
#endif
|
234
216
|
|
235
217
|
rb_scan_args(argc, argv, "21", &oid, &value, &critical);
|
236
|
-
|
218
|
+
StringValueCStr(oid);
|
237
219
|
StringValue(value);
|
238
220
|
if(NIL_P(critical)) critical = Qfalse;
|
239
221
|
|
240
222
|
nid = OBJ_ln2nid(RSTRING_PTR(oid));
|
241
223
|
if(!nid) nid = OBJ_sn2nid(RSTRING_PTR(oid));
|
242
|
-
if(!nid) ossl_raise(eX509ExtError, "unknown OID `%
|
224
|
+
if(!nid) ossl_raise(eX509ExtError, "unknown OID `%"PRIsVALUE"'", oid);
|
225
|
+
|
243
226
|
valstr = rb_str_new2(RTEST(critical) ? "critical," : "");
|
244
227
|
rb_str_append(valstr, value);
|
228
|
+
StringValueCStr(valstr);
|
229
|
+
|
245
230
|
GetX509ExtFactory(self, ctx);
|
246
231
|
obj = NewX509Ext(cX509Ext);
|
247
|
-
#ifdef HAVE_X509V3_EXT_NCONF_NID
|
248
232
|
rconf = rb_iv_get(self, "@config");
|
249
233
|
conf = NIL_P(rconf) ? NULL : DupConfigPtr(rconf);
|
250
234
|
X509V3_set_nconf(ctx, conf);
|
251
235
|
ext = X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr));
|
252
236
|
X509V3_set_ctx_nodb(ctx);
|
253
237
|
NCONF_free(conf);
|
254
|
-
#else
|
255
|
-
if (!empty_lhash) empty_lhash = lh_new(NULL, NULL);
|
256
|
-
ext = X509V3_EXT_conf_nid(empty_lhash, ctx, nid, RSTRING_PTR(valstr));
|
257
|
-
#endif
|
258
238
|
if (!ext){
|
259
|
-
ossl_raise(eX509ExtError, "%
|
260
|
-
RSTRING_PTR(oid), RSTRING_PTR(value));
|
239
|
+
ossl_raise(eX509ExtError, "%"PRIsVALUE" = %"PRIsVALUE, oid, valstr);
|
261
240
|
}
|
262
241
|
SetX509Ext(obj, ext);
|
263
242
|
|
@@ -319,6 +298,25 @@ ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
|
|
319
298
|
return self;
|
320
299
|
}
|
321
300
|
|
301
|
+
static VALUE
|
302
|
+
ossl_x509ext_initialize_copy(VALUE self, VALUE other)
|
303
|
+
{
|
304
|
+
X509_EXTENSION *ext, *ext_other, *ext_new;
|
305
|
+
|
306
|
+
rb_check_frozen(self);
|
307
|
+
GetX509Ext(self, ext);
|
308
|
+
SafeGetX509Ext(other, ext_other);
|
309
|
+
|
310
|
+
ext_new = X509_EXTENSION_dup(ext_other);
|
311
|
+
if (!ext_new)
|
312
|
+
ossl_raise(eX509ExtError, "X509_EXTENSION_dup");
|
313
|
+
|
314
|
+
SetX509Ext(self, ext_new);
|
315
|
+
X509_EXTENSION_free(ext);
|
316
|
+
|
317
|
+
return self;
|
318
|
+
}
|
319
|
+
|
322
320
|
static VALUE
|
323
321
|
ossl_x509ext_set_oid(VALUE self, VALUE oid)
|
324
322
|
{
|
@@ -402,7 +400,7 @@ ossl_x509ext_get_value(VALUE obj)
|
|
402
400
|
if (!(out = BIO_new(BIO_s_mem())))
|
403
401
|
ossl_raise(eX509ExtError, NULL);
|
404
402
|
if (!X509V3_EXT_print(out, ext, 0, 0))
|
405
|
-
|
403
|
+
ASN1_STRING_print(out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));
|
406
404
|
ret = ossl_membio2str(out);
|
407
405
|
|
408
406
|
return ret;
|
@@ -443,6 +441,13 @@ ossl_x509ext_to_der(VALUE obj)
|
|
443
441
|
void
|
444
442
|
Init_ossl_x509ext(void)
|
445
443
|
{
|
444
|
+
#undef rb_intern
|
445
|
+
#if 0
|
446
|
+
mOSSL = rb_define_module("OpenSSL");
|
447
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
448
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
449
|
+
#endif
|
450
|
+
|
446
451
|
eX509ExtError = rb_define_class_under(mX509, "ExtensionError", eOSSLError);
|
447
452
|
|
448
453
|
cX509ExtFactory = rb_define_class_under(mX509, "ExtensionFactory", rb_cObject);
|
@@ -465,6 +470,7 @@ Init_ossl_x509ext(void)
|
|
465
470
|
cX509Ext = rb_define_class_under(mX509, "Extension", rb_cObject);
|
466
471
|
rb_define_alloc_func(cX509Ext, ossl_x509ext_alloc);
|
467
472
|
rb_define_method(cX509Ext, "initialize", ossl_x509ext_initialize, -1);
|
473
|
+
rb_define_copy_func(cX509Ext, ossl_x509ext_initialize_copy);
|
468
474
|
rb_define_method(cX509Ext, "oid=", ossl_x509ext_set_oid, 1);
|
469
475
|
rb_define_method(cX509Ext, "value=", ossl_x509ext_set_value, 1);
|
470
476
|
rb_define_method(cX509Ext, "critical=", ossl_x509ext_set_critical, 1);
|
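Review bot: The new call-seq comment on ossl_x509extfactory_create_ext points to x509v3_config(5) but does not say that `value` is handed to OpenSSL's extension config parser (`X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr))`), so the whole string is read as configuration syntax, not as a literal. Callers that build `value` from externally supplied data, such as host names for a subjectAltName, need to validate each component first, and this comment is where they would learn that. I would add a sentence such as `* +value+ is parsed as an x509v3_config(5) expression; validate any externally supplied part before building it.` The added `StringValueCStr(oid)` and `StringValueCStr(valstr)` calls reject embedded NUL bytes only and do not cover this.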
@@ -181,6 +181,25 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
|
|
181
181
|
return self;
|
182
182
|
}
|
183
183
|
|
184
|
+
static VALUE
|
185
|
+
ossl_x509name_initialize_copy(VALUE self, VALUE other)
|
186
|
+
{
|
187
|
+
X509_NAME *name, *name_other, *name_new;
|
188
|
+
|
189
|
+
rb_check_frozen(self);
|
190
|
+
GetX509Name(self, name);
|
191
|
+
SafeGetX509Name(other, name_other);
|
192
|
+
|
193
|
+
name_new = X509_NAME_dup(name_other);
|
194
|
+
if (!name_new)
|
195
|
+
ossl_raise(eX509NameError, "X509_NAME_dup");
|
196
|
+
|
197
|
+
SetX509Name(self, name_new);
|
198
|
+
X509_NAME_free(name);
|
199
|
+
|
200
|
+
return self;
|
201
|
+
}
|
202
|
+
|
184
203
|
/*
|
185
204
|
* call-seq:
|
186
205
|
* name.add_entry(oid, value [, type]) => self
|
@@ -220,14 +239,31 @@ ossl_x509name_to_s_old(VALUE self)
|
|
220
239
|
{
|
221
240
|
X509_NAME *name;
|
222
241
|
char *buf;
|
223
|
-
VALUE str;
|
224
242
|
|
225
243
|
GetX509Name(self, name);
|
226
244
|
buf = X509_NAME_oneline(name, NULL, 0);
|
227
|
-
|
228
|
-
|
245
|
+
if (!buf)
|
246
|
+
ossl_raise(eX509NameError, "X509_NAME_oneline");
|
247
|
+
return ossl_buf2str(buf, rb_long2int(strlen(buf)));
|
248
|
+
}
|
229
249
|
|
230
|
-
|
250
|
+
static VALUE
|
251
|
+
x509name_print(VALUE self, unsigned long iflag)
|
252
|
+
{
|
253
|
+
X509_NAME *name;
|
254
|
+
BIO *out;
|
255
|
+
int ret;
|
256
|
+
|
257
|
+
GetX509Name(self, name);
|
258
|
+
out = BIO_new(BIO_s_mem());
|
259
|
+
if (!out)
|
260
|
+
ossl_raise(eX509NameError, NULL);
|
261
|
+
ret = X509_NAME_print_ex(out, name, 0, iflag);
|
262
|
+
if (ret < 0 || iflag == XN_FLAG_COMPAT && ret == 0) {
|
263
|
+
BIO_free(out);
|
264
|
+
ossl_raise(eX509NameError, "X509_NAME_print_ex");
|
265
|
+
}
|
266
|
+
return ossl_membio2str(out);
|
231
267
|
}
|
232
268
|
|
233
269
|
/*
|
@@ -245,25 +281,12 @@ ossl_x509name_to_s_old(VALUE self)
|
|
245
281
|
static VALUE
|
246
282
|
ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
|
247
283
|
{
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
unsigned long iflag;
|
252
|
-
|
253
|
-
rb_scan_args(argc, argv, "01", &flag);
|
254
|
-
if (NIL_P(flag))
|
284
|
+
rb_check_arity(argc, 0, 1);
|
285
|
+
/* name.to_s(nil) was allowed */
|
286
|
+
if (!argc || NIL_P(argv[0]))
|
255
287
|
return ossl_x509name_to_s_old(self);
|
256
|
-
else
|
257
|
-
|
258
|
-
ossl_raise(eX509NameError, NULL);
|
259
|
-
GetX509Name(self, name);
|
260
|
-
if (!X509_NAME_print_ex(out, name, 0, iflag)){
|
261
|
-
BIO_free(out);
|
262
|
-
ossl_raise(eX509NameError, NULL);
|
263
|
-
}
|
264
|
-
str = ossl_membio2str(out);
|
265
|
-
|
266
|
-
return str;
|
288
|
+
else
|
289
|
+
return x509name_print(self, NUM2ULONG(argv[0]));
|
267
290
|
}
|
268
291
|
|
269
292
|
/*
|
@@ -282,6 +305,7 @@ ossl_x509name_to_a(VALUE self)
|
|
282
305
|
char long_name[512];
|
283
306
|
const char *short_name;
|
284
307
|
VALUE ary, vname, ret;
|
308
|
+
ASN1_STRING *value;
|
285
309
|
|
286
310
|
GetX509Name(self, name);
|
287
311
|
entries = X509_NAME_entry_count(name);
|
@@ -294,7 +318,8 @@ ossl_x509name_to_a(VALUE self)
|
|
294
318
|
if (!(entry = X509_NAME_get_entry(name, i))) {
|
295
319
|
ossl_raise(eX509NameError, NULL);
|
296
320
|
}
|
297
|
-
if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
|
321
|
+
if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
|
322
|
+
X509_NAME_ENTRY_get_object(entry))) {
|
298
323
|
ossl_raise(eX509NameError, NULL);
|
299
324
|
}
|
300
325
|
nid = OBJ_ln2nid(long_name);
|
@@ -304,10 +329,8 @@ ossl_x509name_to_a(VALUE self)
|
|
304
329
|
short_name = OBJ_nid2sn(nid);
|
305
330
|
vname = rb_str_new2(short_name); /*do not free*/
|
306
331
|
}
|
307
|
-
|
308
|
-
|
309
|
-
rb_str_new((const char *)entry->value->data, entry->value->length),
|
310
|
-
INT2FIX(entry->value->type));
|
332
|
+
value = X509_NAME_ENTRY_get_data(entry);
|
333
|
+
ary = rb_ary_new3(3, vname, asn1str_to_str(value), INT2NUM(value->type));
|
311
334
|
rb_ary_push(ret, ary);
|
312
335
|
}
|
313
336
|
return ret;
|
@@ -339,7 +362,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
|
|
339
362
|
|
340
363
|
result = ossl_x509name_cmp0(self, other);
|
341
364
|
if (result < 0) return INT2FIX(-1);
|
342
|
-
if (result >
|
365
|
+
if (result > 0) return INT2FIX(1);
|
343
366
|
|
344
367
|
return INT2FIX(0);
|
345
368
|
}
|
@@ -353,12 +376,10 @@ ossl_x509name_cmp(VALUE self, VALUE other)
|
|
353
376
|
static VALUE
|
354
377
|
ossl_x509name_eql(VALUE self, VALUE other)
|
355
378
|
{
|
356
|
-
|
379
|
+
if (!rb_obj_is_kind_of(other, cX509Name))
|
380
|
+
return Qfalse;
|
357
381
|
|
358
|
-
|
359
|
-
result = ossl_x509name_cmp0(self, other);
|
360
|
-
|
361
|
-
return (result == 0) ? Qtrue : Qfalse;
|
382
|
+
return ossl_x509name_cmp0(self, other) == 0 ? Qtrue : Qfalse;
|
362
383
|
}
|
363
384
|
|
364
385
|
/*
|
@@ -445,8 +466,15 @@ ossl_x509name_to_der(VALUE self)
|
|
445
466
|
void
|
446
467
|
Init_ossl_x509name(void)
|
447
468
|
{
|
469
|
+
#undef rb_intern
|
448
470
|
VALUE utf8str, ptrstr, ia5str, hash;
|
449
471
|
|
472
|
+
#if 0
|
473
|
+
mOSSL = rb_define_module("OpenSSL");
|
474
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
475
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
476
|
+
#endif
|
477
|
+
|
450
478
|
id_aref = rb_intern("[]");
|
451
479
|
eX509NameError = rb_define_class_under(mX509, "NameError", eOSSLError);
|
452
480
|
cX509Name = rb_define_class_under(mX509, "Name", rb_cObject);
|
@@ -455,6 +483,7 @@ Init_ossl_x509name(void)
|
|
455
483
|
|
456
484
|
rb_define_alloc_func(cX509Name, ossl_x509name_alloc);
|
457
485
|
rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1);
|
486
|
+
rb_define_copy_func(cX509Name, ossl_x509name_initialize_copy);
|
458
487
|
rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1);
|
459
488
|
rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, -1);
|
460
489
|
rb_define_method(cX509Name, "to_a", ossl_x509name_to_a, 0);
|
@@ -471,8 +500,7 @@ Init_ossl_x509name(void)
|
|
471
500
|
ptrstr = INT2NUM(V_ASN1_PRINTABLESTRING);
|
472
501
|
ia5str = INT2NUM(V_ASN1_IA5STRING);
|
473
502
|
|
474
|
-
/*
|
475
|
-
*
|
503
|
+
/*
|
476
504
|
* The default object type for name entries.
|
477
505
|
*/
|
478
506
|
rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str);
|
@@ -486,14 +514,12 @@ Init_ossl_x509name(void)
|
|
486
514
|
rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
|
487
515
|
rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
|
488
516
|
|
489
|
-
/*
|
490
|
-
*
|
517
|
+
/*
|
491
518
|
* The default object type template for name entries.
|
492
519
|
*/
|
493
520
|
rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash);
|
494
521
|
|
495
|
-
/*
|
496
|
-
*
|
522
|
+
/*
|
497
523
|
* A flag for #to_s.
|
498
524
|
*
|
499
525
|
* Breaks the name returned into multiple lines if longer than 80
|
@@ -501,24 +527,21 @@ Init_ossl_x509name(void)
|
|
501
527
|
*/
|
502
528
|
rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT));
|
503
529
|
|
504
|
-
/*
|
505
|
-
*
|
530
|
+
/*
|
506
531
|
* A flag for #to_s.
|
507
532
|
*
|
508
533
|
* Returns an RFC2253 format name.
|
509
534
|
*/
|
510
535
|
rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253));
|
511
536
|
|
512
|
-
/*
|
513
|
-
*
|
537
|
+
/*
|
514
538
|
* A flag for #to_s.
|
515
539
|
*
|
516
540
|
* Returns a more readable format than RFC2253.
|
517
541
|
*/
|
518
542
|
rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE));
|
519
543
|
|
520
|
-
/*
|
521
|
-
*
|
544
|
+
/*
|
522
545
|
* A flag for #to_s.
|
523
546
|
*
|
524
547
|
* Returns a multiline format.
|
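Review bot: The error test in x509name_print, `if (ret < 0 || iflag == XN_FLAG_COMPAT && ret == 0)`, mixes `||` and `&&` without parentheses and does not say why zero is an error for one flag only. It evaluates as intended, but it triggers -Wparentheses, and the reader has to know that X509_NAME_print_ex reports failure as 0 in XN_FLAG_COMPAT mode and as a negative value otherwise, where 0 is presumably a valid length for an empty name. I would write `if (ret < 0 || (iflag == XN_FLAG_COMPAT && ret == 0)) {` and put `/* COMPAT mode returns 1/0; other modes return the byte count or a negative value */` above it.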
@@ -123,7 +123,7 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
|
|
123
123
|
return self;
|
124
124
|
}
|
125
125
|
arg = ossl_to_der_if_possible(arg);
|
126
|
-
in = ossl_obj2bio(arg);
|
126
|
+
in = ossl_obj2bio(&arg);
|
127
127
|
req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
|
128
128
|
DATA_PTR(self) = x;
|
129
129
|
if (!req) {
|
@@ -160,8 +160,6 @@ ossl_x509req_to_pem(VALUE self)
|
|
160
160
|
{
|
161
161
|
X509_REQ *req;
|
162
162
|
BIO *out;
|
163
|
-
BUF_MEM *buf;
|
164
|
-
VALUE str;
|
165
163
|
|
166
164
|
GetX509Req(self, req);
|
167
165
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
@@ -171,11 +169,8 @@ ossl_x509req_to_pem(VALUE self)
|
|
171
169
|
BIO_free(out);
|
172
170
|
ossl_raise(eX509ReqError, NULL);
|
173
171
|
}
|
174
|
-
BIO_get_mem_ptr(out, &buf);
|
175
|
-
str = rb_str_new(buf->data, buf->length);
|
176
|
-
BIO_free(out);
|
177
172
|
|
178
|
-
return
|
173
|
+
return ossl_membio2str(out);
|
179
174
|
}
|
180
175
|
|
181
176
|
static VALUE
|
@@ -203,8 +198,6 @@ ossl_x509req_to_text(VALUE self)
|
|
203
198
|
{
|
204
199
|
X509_REQ *req;
|
205
200
|
BIO *out;
|
206
|
-
BUF_MEM *buf;
|
207
|
-
VALUE str;
|
208
201
|
|
209
202
|
GetX509Req(self, req);
|
210
203
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
@@ -214,11 +207,8 @@ ossl_x509req_to_text(VALUE self)
|
|
214
207
|
BIO_free(out);
|
215
208
|
ossl_raise(eX509ReqError, NULL);
|
216
209
|
}
|
217
|
-
BIO_get_mem_ptr(out, &buf);
|
218
|
-
str = rb_str_new(buf->data, buf->length);
|
219
|
-
BIO_free(out);
|
220
210
|
|
221
|
-
return
|
211
|
+
return ossl_membio2str(out);
|
222
212
|
}
|
223
213
|
|
224
214
|
#if 0
|
@@ -250,7 +240,7 @@ ossl_x509req_get_version(VALUE self)
|
|
250
240
|
GetX509Req(self, req);
|
251
241
|
version = X509_REQ_get_version(req);
|
252
242
|
|
253
|
-
return
|
243
|
+
return LONG2NUM(version);
|
254
244
|
}
|
255
245
|
|
256
246
|
static VALUE
|
@@ -259,12 +249,12 @@ ossl_x509req_set_version(VALUE self, VALUE version)
|
|
259
249
|
X509_REQ *req;
|
260
250
|
long ver;
|
261
251
|
|
262
|
-
if ((ver =
|
252
|
+
if ((ver = NUM2LONG(version)) < 0) {
|
263
253
|
ossl_raise(eX509ReqError, "version must be >= 0!");
|
264
254
|
}
|
265
255
|
GetX509Req(self, req);
|
266
256
|
if (!X509_REQ_set_version(req, ver)) {
|
267
|
-
ossl_raise(eX509ReqError,
|
257
|
+
ossl_raise(eX509ReqError, "X509_REQ_set_version");
|
268
258
|
}
|
269
259
|
|
270
260
|
return version;
|
@@ -302,23 +292,21 @@ static VALUE
|
|
302
292
|
ossl_x509req_get_signature_algorithm(VALUE self)
|
303
293
|
{
|
304
294
|
X509_REQ *req;
|
295
|
+
const X509_ALGOR *alg;
|
305
296
|
BIO *out;
|
306
|
-
BUF_MEM *buf;
|
307
|
-
VALUE str;
|
308
297
|
|
309
298
|
GetX509Req(self, req);
|
310
299
|
|
311
300
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
312
301
|
ossl_raise(eX509ReqError, NULL);
|
313
302
|
}
|
314
|
-
|
303
|
+
X509_REQ_get0_signature(req, NULL, &alg);
|
304
|
+
if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
|
315
305
|
BIO_free(out);
|
316
306
|
ossl_raise(eX509ReqError, NULL);
|
317
307
|
}
|
318
|
-
|
319
|
-
|
320
|
-
BIO_free(out);
|
321
|
-
return str;
|
308
|
+
|
309
|
+
return ossl_membio2str(out);
|
322
310
|
}
|
323
311
|
|
324
312
|
static VALUE
|
@@ -342,11 +330,10 @@ ossl_x509req_set_public_key(VALUE self, VALUE key)
|
|
342
330
|
EVP_PKEY *pkey;
|
343
331
|
|
344
332
|
GetX509Req(self, req);
|
345
|
-
pkey = GetPKeyPtr(key);
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
333
|
+
pkey = GetPKeyPtr(key);
|
334
|
+
ossl_pkey_check_public_key(pkey);
|
335
|
+
if (!X509_REQ_set_pubkey(req, pkey))
|
336
|
+
ossl_raise(eX509ReqError, "X509_REQ_set_pubkey");
|
350
337
|
return key;
|
351
338
|
}
|
352
339
|
|
@@ -375,18 +362,19 @@ ossl_x509req_verify(VALUE self, VALUE key)
|
|
375
362
|
{
|
376
363
|
X509_REQ *req;
|
377
364
|
EVP_PKEY *pkey;
|
378
|
-
int i;
|
379
365
|
|
380
366
|
GetX509Req(self, req);
|
381
|
-
pkey = GetPKeyPtr(key);
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
if (i > 0) {
|
367
|
+
pkey = GetPKeyPtr(key);
|
368
|
+
ossl_pkey_check_public_key(pkey);
|
369
|
+
switch (X509_REQ_verify(req, pkey)) {
|
370
|
+
case 1:
|
386
371
|
return Qtrue;
|
372
|
+
case 0:
|
373
|
+
ossl_clear_error();
|
374
|
+
return Qfalse;
|
375
|
+
default:
|
376
|
+
ossl_raise(eX509ReqError, NULL);
|
387
377
|
}
|
388
|
-
|
389
|
-
return Qfalse;
|
390
378
|
}
|
391
379
|
|
392
380
|
static VALUE
|
@@ -426,8 +414,8 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
|
|
426
414
|
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
|
427
415
|
}
|
428
416
|
GetX509Req(self, req);
|
429
|
-
|
430
|
-
|
417
|
+
while ((attr = X509_REQ_delete_attr(req, 0)))
|
418
|
+
X509_ATTRIBUTE_free(attr);
|
431
419
|
for (i=0;i<RARRAY_LEN(ary); i++) {
|
432
420
|
item = RARRAY_AREF(ary, i);
|
433
421
|
attr = GetX509AttrPtr(item);
|
@@ -457,6 +445,12 @@ ossl_x509req_add_attribute(VALUE self, VALUE attr)
|
|
457
445
|
void
|
458
446
|
Init_ossl_x509req(void)
|
459
447
|
{
|
448
|
+
#if 0
|
449
|
+
mOSSL = rb_define_module("OpenSSL");
|
450
|
+
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
|
451
|
+
mX509 = rb_define_module_under(mOSSL, "X509");
|
452
|
+
#endif
|
453
|
+
|
460
454
|
eX509ReqError = rb_define_class_under(mX509, "RequestError", eOSSLError);
|
461
455
|
|
462
456
|
cX509Req = rb_define_class_under(mX509, "Request", rb_cObject);
|
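Review bot: ossl_x509req_verify now has three outcomes, but nothing in the hunk documents them: `case 1` returns true, `case 0` clears the error queue and returns false, and any other result raises RequestError. The distinction matters to callers, because code that rescues the exception has to treat it as a check that could not be performed, never as a pass. I would add a comment above the switch such as `/* 1: signature valid; 0: signature mismatch; otherwise the check could not be performed */` and repeat it in the method's rdoc, which is outside the hunk if it exists.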