Ruby  2.4.2p198(2017-09-14revision59899)
ossl_x509cert.c
Go to the documentation of this file.
1 /*
2  * 'OpenSSL for Ruby' project
3  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
4  * All rights reserved.
5  */
6 /*
7  * This program is licensed under the same licence as Ruby.
8  * (See the file 'LICENCE'.)
9  */
10 #include "ossl.h"
11 
12 #define NewX509(klass) \
13  TypedData_Wrap_Struct((klass), &ossl_x509_type, 0)
14 #define SetX509(obj, x509) do { \
15  if (!(x509)) { \
16  ossl_raise(rb_eRuntimeError, "CERT wasn't initialized!"); \
17  } \
18  RTYPEDDATA_DATA(obj) = (x509); \
19 } while (0)
20 #define GetX509(obj, x509) do { \
21  TypedData_Get_Struct((obj), X509, &ossl_x509_type, (x509)); \
22  if (!(x509)) { \
23  ossl_raise(rb_eRuntimeError, "CERT wasn't initialized!"); \
24  } \
25 } while (0)
26 #define SafeGetX509(obj, x509) do { \
27  OSSL_Check_Kind((obj), cX509Cert); \
28  GetX509((obj), (x509)); \
29 } while (0)
30 
31 /*
32  * Classes
33  */
36 
37 static void
38 ossl_x509_free(void *ptr)
39 {
40  X509_free(ptr);
41 }
42 
44  "OpenSSL/X509",
45  {
46  0, ossl_x509_free,
47  },
49 };
50 
51 /*
52  * Public
53  */
54 VALUE
55 ossl_x509_new(X509 *x509)
56 {
57  X509 *new;
58  VALUE obj;
59 
60  obj = NewX509(cX509Cert);
61  if (!x509) {
62  new = X509_new();
63  } else {
64  new = X509_dup(x509);
65  }
66  if (!new) {
68  }
69  SetX509(obj, new);
70 
71  return obj;
72 }
73 
74 VALUE
76 {
77  X509 *x509;
78  FILE *fp;
79  VALUE obj;
80 
81  rb_check_safe_obj(filename);
82  obj = NewX509(cX509Cert);
83  if (!(fp = fopen(StringValueCStr(filename), "r"))) {
85  }
87  x509 = PEM_read_X509(fp, NULL, NULL, NULL);
88  /*
89  * prepare for DER...
90 #if !defined(OPENSSL_NO_FP_API)
91  if (!x509) {
92  (void)ERR_get_error();
93  rewind(fp);
94 
95  x509 = d2i_X509_fp(fp, NULL);
96  }
97 #endif
98  */
99  fclose(fp);
100  if (!x509) {
102  }
103  SetX509(obj, x509);
104 
105  return obj;
106 }
107 
108 X509 *
110 {
111  X509 *x509;
112 
113  SafeGetX509(obj, x509);
114 
115  return x509;
116 }
117 
118 X509 *
120 {
121  X509 *x509;
122 
123  SafeGetX509(obj, x509);
124 
125  X509_up_ref(x509);
126 
127  return x509;
128 }
129 
130 /*
131  * Private
132  */
133 static VALUE
135 {
136  X509 *x509;
137  VALUE obj;
138 
139  obj = NewX509(klass);
140  x509 = X509_new();
141  if (!x509) ossl_raise(eX509CertError, NULL);
142  SetX509(obj, x509);
143 
144  return obj;
145 }
146 
147 /*
148  * call-seq:
149  * Certificate.new => cert
150  * Certificate.new(string) => cert
151  */
152 static VALUE
154 {
155  BIO *in;
156  X509 *x509, *x = DATA_PTR(self);
157  VALUE arg;
158 
159  if (rb_scan_args(argc, argv, "01", &arg) == 0) {
160  /* create just empty X509Cert */
161  return self;
162  }
163  arg = ossl_to_der_if_possible(arg);
164  in = ossl_obj2bio(&arg);
165  x509 = PEM_read_bio_X509(in, &x, NULL, NULL);
166  DATA_PTR(self) = x;
167  if (!x509) {
168  OSSL_BIO_reset(in);
169  x509 = d2i_X509_bio(in, &x);
170  DATA_PTR(self) = x;
171  }
172  BIO_free(in);
173  if (!x509) ossl_raise(eX509CertError, NULL);
174 
175  return self;
176 }
177 
178 static VALUE
180 {
181  X509 *a, *b, *x509;
182 
183  rb_check_frozen(self);
184  if (self == other) return self;
185 
186  GetX509(self, a);
187  SafeGetX509(other, b);
188 
189  x509 = X509_dup(b);
190  if (!x509) ossl_raise(eX509CertError, NULL);
191 
192  DATA_PTR(self) = x509;
193  X509_free(a);
194 
195  return self;
196 }
197 
198 /*
199  * call-seq:
200  * cert.to_der => string
201  */
202 static VALUE
204 {
205  X509 *x509;
206  VALUE str;
207  long len;
208  unsigned char *p;
209 
210  GetX509(self, x509);
211  if ((len = i2d_X509(x509, NULL)) <= 0)
213  str = rb_str_new(0, len);
214  p = (unsigned char *)RSTRING_PTR(str);
215  if (i2d_X509(x509, &p) <= 0)
217  ossl_str_adjust(str, p);
218 
219  return str;
220 }
221 
222 /*
223  * call-seq:
224  * cert.to_pem => string
225  */
226 static VALUE
228 {
229  X509 *x509;
230  BIO *out;
231  VALUE str;
232 
233  GetX509(self, x509);
234  out = BIO_new(BIO_s_mem());
235  if (!out) ossl_raise(eX509CertError, NULL);
236 
237  if (!PEM_write_bio_X509(out, x509)) {
238  BIO_free(out);
240  }
241  str = ossl_membio2str(out);
242 
243  return str;
244 }
245 
246 /*
247  * call-seq:
248  * cert.to_text => string
249  */
250 static VALUE
252 {
253  X509 *x509;
254  BIO *out;
255  VALUE str;
256 
257  GetX509(self, x509);
258 
259  out = BIO_new(BIO_s_mem());
260  if (!out) ossl_raise(eX509CertError, NULL);
261 
262  if (!X509_print(out, x509)) {
263  BIO_free(out);
265  }
266  str = ossl_membio2str(out);
267 
268  return str;
269 }
270 
271 #if 0
272 /*
273  * Makes from X509 X509_REQuest
274  */
275 static VALUE
276 ossl_x509_to_req(VALUE self)
277 {
278  X509 *x509;
279  X509_REQ *req;
280  VALUE obj;
281 
282  GetX509(self, x509);
283  if (!(req = X509_to_X509_REQ(x509, NULL, EVP_md5()))) {
285  }
286  obj = ossl_x509req_new(req);
287  X509_REQ_free(req);
288 
289  return obj;
290 }
291 #endif
292 
293 /*
294  * call-seq:
295  * cert.version => integer
296  */
297 static VALUE
299 {
300  X509 *x509;
301 
302  GetX509(self, x509);
303 
304  return LONG2NUM(X509_get_version(x509));
305 }
306 
307 /*
308  * call-seq:
309  * cert.version = integer => integer
310  */
311 static VALUE
313 {
314  X509 *x509;
315  long ver;
316 
317  if ((ver = NUM2LONG(version)) < 0) {
318  ossl_raise(eX509CertError, "version must be >= 0!");
319  }
320  GetX509(self, x509);
321  if (!X509_set_version(x509, ver)) {
323  }
324 
325  return version;
326 }
327 
328 /*
329  * call-seq:
330  * cert.serial => integer
331  */
332 static VALUE
334 {
335  X509 *x509;
336 
337  GetX509(self, x509);
338 
339  return asn1integer_to_num(X509_get_serialNumber(x509));
340 }
341 
342 /*
343  * call-seq:
344  * cert.serial = integer => integer
345  */
346 static VALUE
348 {
349  X509 *x509;
350 
351  GetX509(self, x509);
352  X509_set_serialNumber(x509, num_to_asn1integer(num, X509_get_serialNumber(x509)));
353 
354  return num;
355 }
356 
357 /*
358  * call-seq:
359  * cert.signature_algorithm => string
360  */
361 static VALUE
363 {
364  X509 *x509;
365  BIO *out;
366  VALUE str;
367 
368  GetX509(self, x509);
369  out = BIO_new(BIO_s_mem());
370  if (!out) ossl_raise(eX509CertError, NULL);
371 
372  if (!i2a_ASN1_OBJECT(out, X509_get0_tbs_sigalg(x509)->algorithm)) {
373  BIO_free(out);
375  }
376  str = ossl_membio2str(out);
377 
378  return str;
379 }
380 
381 /*
382  * call-seq:
383  * cert.subject => name
384  */
385 static VALUE
387 {
388  X509 *x509;
389  X509_NAME *name;
390 
391  GetX509(self, x509);
392  if (!(name = X509_get_subject_name(x509))) { /* NO DUP - don't free! */
394  }
395 
396  return ossl_x509name_new(name);
397 }
398 
399 /*
400  * call-seq:
401  * cert.subject = name => name
402  */
403 static VALUE
405 {
406  X509 *x509;
407 
408  GetX509(self, x509);
409  if (!X509_set_subject_name(x509, GetX509NamePtr(subject))) { /* DUPs name */
411  }
412 
413  return subject;
414 }
415 
416 /*
417  * call-seq:
418  * cert.issuer => name
419  */
420 static VALUE
422 {
423  X509 *x509;
424  X509_NAME *name;
425 
426  GetX509(self, x509);
427  if(!(name = X509_get_issuer_name(x509))) { /* NO DUP - don't free! */
429  }
430 
431  return ossl_x509name_new(name);
432 }
433 
434 /*
435  * call-seq:
436  * cert.issuer = name => name
437  */
438 static VALUE
440 {
441  X509 *x509;
442 
443  GetX509(self, x509);
444  if (!X509_set_issuer_name(x509, GetX509NamePtr(issuer))) { /* DUPs name */
446  }
447 
448  return issuer;
449 }
450 
451 /*
452  * call-seq:
453  * cert.not_before => time
454  */
455 static VALUE
457 {
458  X509 *x509;
459  const ASN1_TIME *asn1time;
460 
461  GetX509(self, x509);
462  if (!(asn1time = X509_get0_notBefore(x509))) {
464  }
465 
466  return asn1time_to_time(asn1time);
467 }
468 
469 /*
470  * call-seq:
471  * cert.not_before = time => time
472  */
473 static VALUE
475 {
476  X509 *x509;
477  ASN1_TIME *asn1time;
478 
479  GetX509(self, x509);
480  asn1time = ossl_x509_time_adjust(NULL, time);
481  if (!X509_set_notBefore(x509, asn1time)) {
482  ASN1_TIME_free(asn1time);
483  ossl_raise(eX509CertError, "X509_set_notBefore");
484  }
485  ASN1_TIME_free(asn1time);
486 
487  return time;
488 }
489 
490 /*
491  * call-seq:
492  * cert.not_after => time
493  */
494 static VALUE
496 {
497  X509 *x509;
498  const ASN1_TIME *asn1time;
499 
500  GetX509(self, x509);
501  if (!(asn1time = X509_get0_notAfter(x509))) {
503  }
504 
505  return asn1time_to_time(asn1time);
506 }
507 
508 /*
509  * call-seq:
510  * cert.not_after = time => time
511  */
512 static VALUE
514 {
515  X509 *x509;
516  ASN1_TIME *asn1time;
517 
518  GetX509(self, x509);
519  asn1time = ossl_x509_time_adjust(NULL, time);
520  if (!X509_set_notAfter(x509, asn1time)) {
521  ASN1_TIME_free(asn1time);
522  ossl_raise(eX509CertError, "X509_set_notAfter");
523  }
524  ASN1_TIME_free(asn1time);
525 
526  return time;
527 }
528 
529 /*
530  * call-seq:
531  * cert.public_key => key
532  */
533 static VALUE
535 {
536  X509 *x509;
537  EVP_PKEY *pkey;
538 
539  GetX509(self, x509);
540  if (!(pkey = X509_get_pubkey(x509))) { /* adds an reference */
542  }
543 
544  return ossl_pkey_new(pkey); /* NO DUP - OK */
545 }
546 
547 /*
548  * call-seq:
549  * cert.public_key = key => key
550  */
551 static VALUE
553 {
554  X509 *x509;
555 
556  GetX509(self, x509);
557  if (!X509_set_pubkey(x509, GetPKeyPtr(key))) { /* DUPs pkey */
559  }
560 
561  return key;
562 }
563 
564 /*
565  * call-seq:
566  * cert.sign(key, digest) => self
567  */
568 static VALUE
570 {
571  X509 *x509;
572  EVP_PKEY *pkey;
573  const EVP_MD *md;
574 
575  pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
576  md = GetDigestPtr(digest);
577  GetX509(self, x509);
578  if (!X509_sign(x509, pkey, md)) {
580  }
581 
582  return self;
583 }
584 
585 /*
586  * call-seq:
587  * cert.verify(key) => true | false
588  *
589  * Checks that cert signature is made with PRIVversion of this PUBLIC 'key'
590  */
591 static VALUE
593 {
594  X509 *x509;
595  EVP_PKEY *pkey;
596 
597  pkey = GetPKeyPtr(key); /* NO NEED TO DUP */
598  GetX509(self, x509);
599 
600  switch (X509_verify(x509, pkey)) {
601  case 1:
602  return Qtrue;
603  case 0:
605  return Qfalse;
606  default:
608  }
609 }
610 
611 /*
612  * call-seq:
613  * cert.check_private_key(key)
614  *
615  * Checks if 'key' is PRIV key for this cert
616  */
617 static VALUE
619 {
620  X509 *x509;
621  EVP_PKEY *pkey;
622 
623  /* not needed private key, but should be */
624  pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
625  GetX509(self, x509);
626  if (!X509_check_private_key(x509, pkey)) {
628  return Qfalse;
629  }
630 
631  return Qtrue;
632 }
633 
634 /*
635  * call-seq:
636  * cert.extensions => [extension...]
637  */
638 static VALUE
640 {
641  X509 *x509;
642  int count, i;
643  X509_EXTENSION *ext;
644  VALUE ary;
645 
646  GetX509(self, x509);
647  count = X509_get_ext_count(x509);
648  if (count < 0) {
649  return rb_ary_new();
650  }
651  ary = rb_ary_new2(count);
652  for (i=0; i<count; i++) {
653  ext = X509_get_ext(x509, i); /* NO DUP - don't free! */
654  rb_ary_push(ary, ossl_x509ext_new(ext));
655  }
656 
657  return ary;
658 }
659 
660 /*
661  * call-seq:
662  * cert.extensions = [ext...] => [ext...]
663  */
664 static VALUE
666 {
667  X509 *x509;
668  X509_EXTENSION *ext;
669  long i;
670 
671  Check_Type(ary, T_ARRAY);
672  /* All ary's members should be X509Extension */
673  for (i=0; i<RARRAY_LEN(ary); i++) {
675  }
676  GetX509(self, x509);
677  while ((ext = X509_delete_ext(x509, 0)))
678  X509_EXTENSION_free(ext);
679  for (i=0; i<RARRAY_LEN(ary); i++) {
680  ext = GetX509ExtPtr(RARRAY_AREF(ary, i));
681  if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext */
683  }
684  }
685 
686  return ary;
687 }
688 
689 /*
690  * call-seq:
691  * cert.add_extension(extension) => extension
692  */
693 static VALUE
695 {
696  X509 *x509;
697  X509_EXTENSION *ext;
698 
699  GetX509(self, x509);
700  ext = GetX509ExtPtr(extension);
701  if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
703  }
704 
705  return extension;
706 }
707 
708 static VALUE
710 {
711  return rb_sprintf("#<%"PRIsVALUE": subject=%+"PRIsVALUE", "
712  "issuer=%+"PRIsVALUE", serial=%+"PRIsVALUE", "
713  "not_before=%+"PRIsVALUE", not_after=%+"PRIsVALUE">",
714  rb_obj_class(self),
715  ossl_x509_get_subject(self),
716  ossl_x509_get_issuer(self),
717  ossl_x509_get_serial(self),
720 }
721 
722 /*
723  * INIT
724  */
725 void
727 {
728 #if 0
729  mOSSL = rb_define_module("OpenSSL");
732 #endif
733 
734  eX509CertError = rb_define_class_under(mX509, "CertificateError", eOSSLError);
735 
736  /* Document-class: OpenSSL::X509::Certificate
737  *
738  * Implementation of an X.509 certificate as specified in RFC 5280.
739  * Provides access to a certificate's attributes and allows certificates
740  * to be read from a string, but also supports the creation of new
741  * certificates from scratch.
742  *
743  * === Reading a certificate from a file
744  *
745  * Certificate is capable of handling DER-encoded certificates and
746  * certificates encoded in OpenSSL's PEM format.
747  *
748  * raw = File.read "cert.cer" # DER- or PEM-encoded
749  * certificate = OpenSSL::X509::Certificate.new raw
750  *
751  * === Saving a certificate to a file
752  *
753  * A certificate may be encoded in DER format
754  *
755  * cert = ...
756  * File.open("cert.cer", "wb") { |f| f.print cert.to_der }
757  *
758  * or in PEM format
759  *
760  * cert = ...
761  * File.open("cert.pem", "wb") { |f| f.print cert.to_pem }
762  *
763  * X.509 certificates are associated with a private/public key pair,
764  * typically a RSA, DSA or ECC key (see also OpenSSL::PKey::RSA,
765  * OpenSSL::PKey::DSA and OpenSSL::PKey::EC), the public key itself is
766  * stored within the certificate and can be accessed in form of an
767  * OpenSSL::PKey. Certificates are typically used to be able to associate
768  * some form of identity with a key pair, for example web servers serving
769  * pages over HTTPs use certificates to authenticate themselves to the user.
770  *
771  * The public key infrastructure (PKI) model relies on trusted certificate
772  * authorities ("root CAs") that issue these certificates, so that end
773  * users need to base their trust just on a selected few authorities
774  * that themselves again vouch for subordinate CAs issuing their
775  * certificates to end users.
776  *
777  * The OpenSSL::X509 module provides the tools to set up an independent
778  * PKI, similar to scenarios where the 'openssl' command line tool is
779  * used for issuing certificates in a private PKI.
780  *
781  * === Creating a root CA certificate and an end-entity certificate
782  *
783  * First, we need to create a "self-signed" root certificate. To do so,
784  * we need to generate a key first. Please note that the choice of "1"
785  * as a serial number is considered a security flaw for real certificates.
786  * Secure choices are integers in the two-digit byte range and ideally
787  * not sequential but secure random numbers, steps omitted here to keep
788  * the example concise.
789  *
790  * root_key = OpenSSL::PKey::RSA.new 2048 # the CA's public/private key
791  * root_ca = OpenSSL::X509::Certificate.new
792  * root_ca.version = 2 # cf. RFC 5280 - to make it a "v3" certificate
793  * root_ca.serial = 1
794  * root_ca.subject = OpenSSL::X509::Name.parse "/DC=org/DC=ruby-lang/CN=Ruby CA"
795  * root_ca.issuer = root_ca.subject # root CA's are "self-signed"
796  * root_ca.public_key = root_key.public_key
797  * root_ca.not_before = Time.now
798  * root_ca.not_after = root_ca.not_before + 2 * 365 * 24 * 60 * 60 # 2 years validity
799  * ef = OpenSSL::X509::ExtensionFactory.new
800  * ef.subject_certificate = root_ca
801  * ef.issuer_certificate = root_ca
802  * root_ca.add_extension(ef.create_extension("basicConstraints","CA:TRUE",true))
803  * root_ca.add_extension(ef.create_extension("keyUsage","keyCertSign, cRLSign", true))
804  * root_ca.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
805  * root_ca.add_extension(ef.create_extension("authorityKeyIdentifier","keyid:always",false))
806  * root_ca.sign(root_key, OpenSSL::Digest::SHA256.new)
807  *
808  * The next step is to create the end-entity certificate using the root CA
809  * certificate.
810  *
811  * key = OpenSSL::PKey::RSA.new 2048
812  * cert = OpenSSL::X509::Certificate.new
813  * cert.version = 2
814  * cert.serial = 2
815  * cert.subject = OpenSSL::X509::Name.parse "/DC=org/DC=ruby-lang/CN=Ruby certificate"
816  * cert.issuer = root_ca.subject # root CA is the issuer
817  * cert.public_key = key.public_key
818  * cert.not_before = Time.now
819  * cert.not_after = cert.not_before + 1 * 365 * 24 * 60 * 60 # 1 years validity
820  * ef = OpenSSL::X509::ExtensionFactory.new
821  * ef.subject_certificate = cert
822  * ef.issuer_certificate = root_ca
823  * cert.add_extension(ef.create_extension("keyUsage","digitalSignature", true))
824  * cert.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
825  * cert.sign(root_key, OpenSSL::Digest::SHA256.new)
826  *
827  */
828  cX509Cert = rb_define_class_under(mX509, "Certificate", rb_cObject);
829 
831  rb_define_method(cX509Cert, "initialize", ossl_x509_initialize, -1);
833 
836  rb_define_alias(cX509Cert, "to_s", "to_pem");
855  rb_define_method(cX509Cert, "check_private_key", ossl_x509_check_private_key, 1);
858  rb_define_method(cX509Cert, "add_extension", ossl_x509_add_extension, 1);
860 }
#define NewX509(klass)
Definition: ossl_x509cert.c:12
VALUE rb_eStandardError
Definition: error.c:760
static const rb_data_type_t ossl_x509_type
Definition: ossl_x509cert.c:43
VALUE mOSSL
Definition: ossl.c:213
static VALUE ossl_x509_get_signature_algorithm(VALUE self)
#define RARRAY_LEN(a)
Definition: ruby.h:1026
#define RUBY_TYPED_FREE_IMMEDIATELY
Definition: ruby.h:1145
static VALUE ossl_x509_inspect(VALUE self)
int count
Definition: encoding.c:56
#define X509_up_ref(x)
static VALUE ossl_x509_get_subject(VALUE self)
static VALUE ossl_x509_set_serial(VALUE self, VALUE num)
#define Qtrue
Definition: ruby.h:437
EVP_PKEY * GetPrivPKeyPtr(VALUE obj)
Definition: ossl_pkey.c:216
#define ossl_str_adjust(str, p)
Definition: ossl.h:82
static VALUE ossl_x509_set_version(VALUE self, VALUE version)
VALUE rb_ary_push(VALUE ary, VALUE item)
Definition: array.c:905
static VALUE ossl_x509_copy(VALUE self, VALUE other)
#define X509_get0_notBefore(x)
ASN1_TIME * ossl_x509_time_adjust(ASN1_TIME *s, VALUE time)
Definition: ossl_x509.c:19
static VALUE ossl_x509_get_extensions(VALUE self)
BIO * ossl_obj2bio(volatile VALUE *pobj)
Definition: ossl_bio.c:13
static VALUE ossl_x509_add_extension(VALUE self, VALUE extension)
VALUE rb_define_class_under(VALUE outer, const char *name, VALUE super)
Defines a class under the namespace of outer.
Definition: class.c:693
#define Check_Type(v, t)
Definition: ruby.h:562
static VALUE ossl_x509_set_not_after(VALUE self, VALUE time)
void rb_define_alloc_func(VALUE, rb_alloc_func_t)
VALUE cX509Ext
Definition: ossl_x509ext.c:47
#define DATA_PTR(dta)
Definition: ruby.h:1113
#define T_ARRAY
Definition: ruby.h:498
VALUE asn1integer_to_num(const ASN1_INTEGER *ai)
Definition: ossl_asn1.c:112
VALUE ossl_membio2str(BIO *bio)
Definition: ossl_bio.c:47
VALUE ossl_x509_new(X509 *x509)
Definition: ossl_x509cert.c:55
VALUE ossl_pkey_new(EVP_PKEY *pkey)
Definition: ossl_pkey.c:107
X509_NAME * GetX509NamePtr(VALUE)
Definition: ossl_x509name.c:80
#define rb_ary_new2
Definition: intern.h:90
void Init_ossl_x509cert(void)
#define rb_define_copy_func(klass, func)
Definition: ruby_missing.h:13
static VALUE ossl_x509_set_not_before(VALUE self, VALUE time)
#define GetX509(obj, x509)
Definition: ossl_x509cert.c:20
VALUE ossl_to_der_if_possible(VALUE obj)
Definition: ossl.c:237
void ossl_clear_error(void)
Definition: ossl.c:289
RUBY_EXTERN VALUE rb_cObject
Definition: ruby.h:1872
VALUE rb_ary_new(void)
Definition: array.c:493
#define OSSL_BIO_reset(bio)
Definition: ossl.h:110
const EVP_MD * GetDigestPtr(VALUE obj)
Definition: ossl_digest.c:49
VALUE eOSSLError
Definition: ossl.c:218
int argc
Definition: ruby.c:183
#define Qfalse
Definition: ruby.h:436
static VALUE ossl_x509_get_issuer(VALUE self)
VALUE ossl_x509ext_new(X509_EXTENSION *)
Definition: ossl_x509ext.c:69
VALUE cX509Cert
Definition: ossl_x509cert.c:34
X509 * DupX509CertPtr(VALUE obj)
void rb_define_alias(VALUE klass, const char *name1, const char *name2)
Defines an alias of a method.
Definition: class.c:1758
int errno
static VALUE ossl_x509_set_subject(VALUE self, VALUE subject)
VALUE rb_sprintf(const char *format,...)
Definition: sprintf.c:1440
static VALUE ossl_x509_get_public_key(VALUE self)
static VALUE ossl_x509_set_public_key(VALUE self, VALUE key)
static VALUE ossl_x509_set_extensions(VALUE self, VALUE ary)
int rb_scan_args(int argc, const VALUE *argv, const char *fmt,...)
Definition: class.c:1919
#define PRIsVALUE
Definition: ruby.h:135
VALUE eX509CertError
Definition: ossl_x509cert.c:35
unsigned long VALUE
Definition: ruby.h:85
#define SafeGetX509(obj, x509)
Definition: ossl_x509cert.c:26
static VALUE ossl_x509_sign(VALUE self, VALUE key, VALUE digest)
#define X509_get0_notAfter(x)
VALUE ossl_x509req_new(X509_REQ *)
Definition: ossl_x509req.c:55
VALUE mX509
Definition: ossl_x509.c:12
static VALUE ossl_x509_check_private_key(VALUE self, VALUE key)
#define X509_get0_tbs_sigalg(x)
#define LONG2NUM(x)
Definition: ruby.h:1573
register unsigned int len
Definition: zonetab.h:51
VALUE rb_define_module_under(VALUE outer, const char *name)
Definition: class.c:790
X509_EXTENSION * GetX509ExtPtr(VALUE)
Definition: ossl_x509ext.c:89
#define StringValueCStr(v)
Definition: ruby.h:571
#define RSTRING_PTR(str)
Definition: ruby.h:982
static VALUE ossl_x509_verify(VALUE self, VALUE key)
#define RARRAY_AREF(a, i)
Definition: ruby.h:1040
void rb_fd_fix_cloexec(int fd)
Definition: io.c:231
static VALUE ossl_x509_get_version(VALUE self)
VALUE asn1time_to_time(const ASN1_TIME *time)
Definition: ossl_asn1.c:22
#define OSSL_Check_Kind(obj, klass)
Definition: ossl.h:52
static void ossl_x509_free(void *ptr)
Definition: ossl_x509cert.c:38
RUBY_EXTERN char * strerror(int)
Definition: strerror.c:11
static VALUE ossl_x509_get_not_before(VALUE self)
void rb_check_safe_obj(VALUE)
Definition: safe.c:117
static VALUE ossl_x509_get_serial(VALUE self)
static VALUE ossl_x509_to_der(VALUE self)
void ossl_raise(VALUE exc, const char *fmt,...)
Definition: ossl.c:278
static VALUE ossl_x509_to_text(VALUE self)
EVP_PKEY * GetPKeyPtr(VALUE obj)
Definition: ossl_pkey.c:206
static VALUE ossl_x509_initialize(int argc, VALUE *argv, VALUE self)
const char * name
Definition: nkf.c:208
#define SetX509(obj, x509)
Definition: ossl_x509cert.c:14
VALUE ossl_x509name_new(X509_NAME *)
Definition: ossl_x509name.c:60
#define fileno(p)
Definition: vsnprintf.c:217
#define rb_check_frozen(obj)
Definition: intern.h:276
static VALUE ossl_x509_alloc(VALUE klass)
X509 * GetX509CertPtr(VALUE obj)
static VALUE ossl_x509_set_issuer(VALUE self, VALUE issuer)
VALUE rb_define_module(const char *name)
Definition: class.c:768
static VALUE ossl_x509_to_pem(VALUE self)
#define NULL
Definition: _sdbm.c:102
void rb_define_method(VALUE klass, const char *name, VALUE(*func)(ANYARGS), int argc)
Definition: class.c:1515
int version
Definition: ossl_ssl.c:55
#define NUM2LONG(x)
Definition: ruby.h:648
VALUE ossl_x509_new_from_file(VALUE filename)
Definition: ossl_x509cert.c:75
char ** argv
Definition: ruby.c:184
static VALUE ossl_x509_get_not_after(VALUE self)
VALUE rb_obj_class(VALUE)
Definition: object.c:229
VALUE rb_str_new(const char *, long)
Definition: string.c:736
ASN1_INTEGER * num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
Definition: ossl_asn1.c:135