Ruby  1.9.3p547(2014-05-14revision45962)
ossl_x509cert.c
Go to the documentation of this file.
1 /*
2  * $Id: ossl_x509cert.c 44754 2014-01-30 03:49:07Z usa $
3  * 'OpenSSL for Ruby' project
4  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5  * All rights reserved.
6  */
7 /*
8  * This program is licenced under the same licence as Ruby.
9  * (See the file 'LICENCE'.)
10  */
11 #include "ossl.h"
12 
13 #define WrapX509(klass, obj, x509) do { \
14  if (!(x509)) { \
15  ossl_raise(rb_eRuntimeError, "CERT wasn't initialized!"); \
16  } \
17  (obj) = Data_Wrap_Struct((klass), 0, X509_free, (x509)); \
18 } while (0)
19 #define GetX509(obj, x509) do { \
20  Data_Get_Struct((obj), X509, (x509)); \
21  if (!(x509)) { \
22  ossl_raise(rb_eRuntimeError, "CERT wasn't initialized!"); \
23  } \
24 } while (0)
25 #define SafeGetX509(obj, x509) do { \
26  OSSL_Check_Kind((obj), cX509Cert); \
27  GetX509((obj), (x509)); \
28 } while (0)
29 
30 /*
31  * Classes
32  */
35 
36 /*
37  * Public
38  */
39 VALUE
40 ossl_x509_new(X509 *x509)
41 {
42  X509 *new;
43  VALUE obj;
44 
45  if (!x509) {
46  new = X509_new();
47  } else {
48  new = X509_dup(x509);
49  }
50  if (!new) {
52  }
53  WrapX509(cX509Cert, obj, new);
54 
55  return obj;
56 }
57 
58 VALUE
60 {
61  X509 *x509;
62  FILE *fp;
63  VALUE obj;
64 
65  SafeStringValue(filename);
66  if (!(fp = fopen(RSTRING_PTR(filename), "r"))) {
68  }
69  x509 = PEM_read_X509(fp, NULL, NULL, NULL);
70  /*
71  * prepare for DER...
72 #if !defined(OPENSSL_NO_FP_API)
73  if (!x509) {
74  (void)ERR_get_error();
75  rewind(fp);
76 
77  x509 = d2i_X509_fp(fp, NULL);
78  }
79 #endif
80  */
81  fclose(fp);
82  if (!x509) {
84  }
85  WrapX509(cX509Cert, obj, x509);
86 
87  return obj;
88 }
89 
90 X509 *
92 {
93  X509 *x509;
94 
95  SafeGetX509(obj, x509);
96 
97  return x509;
98 }
99 
100 X509 *
102 {
103  X509 *x509;
104 
105  SafeGetX509(obj, x509);
106 
107  CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
108 
109  return x509;
110 }
111 
112 /*
113  * Private
114  */
115 static VALUE
117 {
118  X509 *x509;
119  VALUE obj;
120 
121  x509 = X509_new();
122  if (!x509) ossl_raise(eX509CertError, NULL);
123 
124  WrapX509(klass, obj, x509);
125 
126  return obj;
127 }
128 
129 /*
130  * call-seq:
131  * Certificate.new => cert
132  * Certificate.new(string) => cert
133  */
134 static VALUE
136 {
137  BIO *in;
138  X509 *x509, *x = DATA_PTR(self);
139  VALUE arg;
140 
141  if (rb_scan_args(argc, argv, "01", &arg) == 0) {
142  /* create just empty X509Cert */
143  return self;
144  }
145  arg = ossl_to_der_if_possible(arg);
146  in = ossl_obj2bio(arg);
147  x509 = PEM_read_bio_X509(in, &x, NULL, NULL);
148  DATA_PTR(self) = x;
149  if (!x509) {
150  OSSL_BIO_reset(in);
151  x509 = d2i_X509_bio(in, &x);
152  DATA_PTR(self) = x;
153  }
154  BIO_free(in);
155  if (!x509) ossl_raise(eX509CertError, NULL);
156 
157  return self;
158 }
159 
160 static VALUE
162 {
163  X509 *a, *b, *x509;
164 
165  rb_check_frozen(self);
166  if (self == other) return self;
167 
168  GetX509(self, a);
169  SafeGetX509(other, b);
170 
171  x509 = X509_dup(b);
172  if (!x509) ossl_raise(eX509CertError, NULL);
173 
174  DATA_PTR(self) = x509;
175  X509_free(a);
176 
177  return self;
178 }
179 
180 /*
181  * call-seq:
182  * cert.to_der => string
183  */
184 static VALUE
186 {
187  X509 *x509;
188  VALUE str;
189  long len;
190  unsigned char *p;
191 
192  GetX509(self, x509);
193  if ((len = i2d_X509(x509, NULL)) <= 0)
195  str = rb_str_new(0, len);
196  p = (unsigned char *)RSTRING_PTR(str);
197  if (i2d_X509(x509, &p) <= 0)
199  ossl_str_adjust(str, p);
200 
201  return str;
202 }
203 
204 /*
205  * call-seq:
206  * cert.to_pem => string
207  */
208 static VALUE
210 {
211  X509 *x509;
212  BIO *out;
213  VALUE str;
214 
215  GetX509(self, x509);
216  out = BIO_new(BIO_s_mem());
217  if (!out) ossl_raise(eX509CertError, NULL);
218 
219  if (!PEM_write_bio_X509(out, x509)) {
220  BIO_free(out);
222  }
223  str = ossl_membio2str(out);
224 
225  return str;
226 }
227 
228 /*
229  * call-seq:
230  * cert.to_text => string
231  */
232 static VALUE
234 {
235  X509 *x509;
236  BIO *out;
237  VALUE str;
238 
239  GetX509(self, x509);
240 
241  out = BIO_new(BIO_s_mem());
242  if (!out) ossl_raise(eX509CertError, NULL);
243 
244  if (!X509_print(out, x509)) {
245  BIO_free(out);
247  }
248  str = ossl_membio2str(out);
249 
250  return str;
251 }
252 
253 #if 0
254 /*
255  * Makes from X509 X509_REQuest
256  */
257 static VALUE
258 ossl_x509_to_req(VALUE self)
259 {
260  X509 *x509;
261  X509_REQ *req;
262  VALUE obj;
263 
264  GetX509(self, x509);
265  if (!(req = X509_to_X509_REQ(x509, NULL, EVP_md5()))) {
267  }
268  obj = ossl_x509req_new(req);
269  X509_REQ_free(req);
270 
271  return obj;
272 }
273 #endif
274 
275 /*
276  * call-seq:
277  * cert.version => integer
278  */
279 static VALUE
281 {
282  X509 *x509;
283 
284  GetX509(self, x509);
285 
286  return LONG2NUM(X509_get_version(x509));
287 }
288 
289 /*
290  * call-seq:
291  * cert.version = integer => integer
292  */
293 static VALUE
295 {
296  X509 *x509;
297  long ver;
298 
299  if ((ver = NUM2LONG(version)) < 0) {
300  ossl_raise(eX509CertError, "version must be >= 0!");
301  }
302  GetX509(self, x509);
303  if (!X509_set_version(x509, ver)) {
305  }
306 
307  return version;
308 }
309 
310 /*
311  * call-seq:
312  * cert.serial => integer
313  */
314 static VALUE
316 {
317  X509 *x509;
318 
319  GetX509(self, x509);
320 
321  return asn1integer_to_num(X509_get_serialNumber(x509));
322 }
323 
324 /*
325  * call-seq:
326  * cert.serial = integer => integer
327  */
328 static VALUE
330 {
331  X509 *x509;
332 
333  GetX509(self, x509);
334 
335  x509->cert_info->serialNumber =
336  num_to_asn1integer(num, X509_get_serialNumber(x509));
337 
338  return num;
339 }
340 
341 /*
342  * call-seq:
343  * cert.signature_algorithm => string
344  */
345 static VALUE
347 {
348  X509 *x509;
349  BIO *out;
350  VALUE str;
351 
352  GetX509(self, x509);
353  out = BIO_new(BIO_s_mem());
354  if (!out) ossl_raise(eX509CertError, NULL);
355 
356  if (!i2a_ASN1_OBJECT(out, x509->cert_info->signature->algorithm)) {
357  BIO_free(out);
359  }
360  str = ossl_membio2str(out);
361 
362  return str;
363 }
364 
365 /*
366  * call-seq:
367  * cert.subject => name
368  */
369 static VALUE
371 {
372  X509 *x509;
373  X509_NAME *name;
374 
375  GetX509(self, x509);
376  if (!(name = X509_get_subject_name(x509))) { /* NO DUP - don't free! */
378  }
379 
380  return ossl_x509name_new(name);
381 }
382 
383 /*
384  * call-seq:
385  * cert.subject = name => name
386  */
387 static VALUE
389 {
390  X509 *x509;
391 
392  GetX509(self, x509);
393  if (!X509_set_subject_name(x509, GetX509NamePtr(subject))) { /* DUPs name */
395  }
396 
397  return subject;
398 }
399 
400 /*
401  * call-seq:
402  * cert.issuer => name
403  */
404 static VALUE
406 {
407  X509 *x509;
408  X509_NAME *name;
409 
410  GetX509(self, x509);
411  if(!(name = X509_get_issuer_name(x509))) { /* NO DUP - don't free! */
413  }
414 
415  return ossl_x509name_new(name);
416 }
417 
418 /*
419  * call-seq:
420  * cert.issuer = name => name
421  */
422 static VALUE
424 {
425  X509 *x509;
426 
427  GetX509(self, x509);
428  if (!X509_set_issuer_name(x509, GetX509NamePtr(issuer))) { /* DUPs name */
430  }
431 
432  return issuer;
433 }
434 
435 /*
436  * call-seq:
437  * cert.not_before => time
438  */
439 static VALUE
441 {
442  X509 *x509;
443  ASN1_UTCTIME *asn1time;
444 
445  GetX509(self, x509);
446  if (!(asn1time = X509_get_notBefore(x509))) { /* NO DUP - don't free! */
448  }
449 
450  return asn1time_to_time(asn1time);
451 }
452 
453 /*
454  * call-seq:
455  * cert.not_before = time => time
456  */
457 static VALUE
459 {
460  X509 *x509;
461  time_t sec;
462 
463  sec = time_to_time_t(time);
464  GetX509(self, x509);
465  if (!X509_time_adj(X509_get_notBefore(x509), 0, &sec)) {
467  }
468 
469  return time;
470 }
471 
472 /*
473  * call-seq:
474  * cert.not_after => time
475  */
476 static VALUE
478 {
479  X509 *x509;
480  ASN1_TIME *asn1time;
481 
482  GetX509(self, x509);
483  if (!(asn1time = X509_get_notAfter(x509))) { /* NO DUP - don't free! */
485  }
486 
487  return asn1time_to_time(asn1time);
488 }
489 
490 /*
491  * call-seq:
492  * cert.not_after = time => time
493  */
494 static VALUE
496 {
497  X509 *x509;
498  time_t sec;
499 
500  sec = time_to_time_t(time);
501  GetX509(self, x509);
502  if (!X509_time_adj(X509_get_notAfter(x509), 0, &sec)) {
504  }
505 
506  return time;
507 }
508 
509 /*
510  * call-seq:
511  * cert.public_key => key
512  */
513 static VALUE
515 {
516  X509 *x509;
517  EVP_PKEY *pkey;
518 
519  GetX509(self, x509);
520  if (!(pkey = X509_get_pubkey(x509))) { /* adds an reference */
522  }
523 
524  return ossl_pkey_new(pkey); /* NO DUP - OK */
525 }
526 
527 /*
528  * call-seq:
529  * cert.public_key = key => key
530  */
531 static VALUE
533 {
534  X509 *x509;
535 
536  GetX509(self, x509);
537  if (!X509_set_pubkey(x509, GetPKeyPtr(key))) { /* DUPs pkey */
539  }
540 
541  return key;
542 }
543 
544 /*
545  * call-seq:
546  * cert.sign(key, digest) => self
547  */
548 static VALUE
550 {
551  X509 *x509;
552  EVP_PKEY *pkey;
553  const EVP_MD *md;
554 
555  pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
556  md = GetDigestPtr(digest);
557  GetX509(self, x509);
558  if (!X509_sign(x509, pkey, md)) {
560  }
561 
562  return self;
563 }
564 
565 /*
566  * call-seq:
567  * cert.verify(key) => true | false
568  *
569  * Checks that cert signature is made with PRIVversion of this PUBLIC 'key'
570  */
571 static VALUE
573 {
574  X509 *x509;
575  EVP_PKEY *pkey;
576  int i;
577 
578  pkey = GetPKeyPtr(key); /* NO NEED TO DUP */
579  GetX509(self, x509);
580  if ((i = X509_verify(x509, pkey)) < 0) {
582  }
583  if (i > 0) {
584  return Qtrue;
585  }
586 
587  return Qfalse;
588 }
589 
590 /*
591  * call-seq:
592  * cert.check_private_key(key)
593  *
594  * Checks if 'key' is PRIV key for this cert
595  */
596 static VALUE
598 {
599  X509 *x509;
600  EVP_PKEY *pkey;
601 
602  /* not needed private key, but should be */
603  pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
604  GetX509(self, x509);
605  if (!X509_check_private_key(x509, pkey)) {
606  OSSL_Warning("Check private key:%s", OSSL_ErrMsg());
607  return Qfalse;
608  }
609 
610  return Qtrue;
611 }
612 
613 /*
614  * call-seq:
615  * cert.extensions => [extension...]
616  */
617 static VALUE
619 {
620  X509 *x509;
621  int count, i;
622  X509_EXTENSION *ext;
623  VALUE ary;
624 
625  GetX509(self, x509);
626  count = X509_get_ext_count(x509);
627  if (count < 0) {
628  return rb_ary_new();
629  }
630  ary = rb_ary_new2(count);
631  for (i=0; i<count; i++) {
632  ext = X509_get_ext(x509, i); /* NO DUP - don't free! */
633  rb_ary_push(ary, ossl_x509ext_new(ext));
634  }
635 
636  return ary;
637 }
638 
639 /*
640  * call-seq:
641  * cert.extensions = [ext...] => [ext...]
642  */
643 static VALUE
645 {
646  X509 *x509;
647  X509_EXTENSION *ext;
648  int i;
649 
650  Check_Type(ary, T_ARRAY);
651  /* All ary's members should be X509Extension */
652  for (i=0; i<RARRAY_LEN(ary); i++) {
654  }
655  GetX509(self, x509);
656  sk_X509_EXTENSION_pop_free(x509->cert_info->extensions, X509_EXTENSION_free);
657  x509->cert_info->extensions = NULL;
658  for (i=0; i<RARRAY_LEN(ary); i++) {
659  ext = DupX509ExtPtr(RARRAY_PTR(ary)[i]);
660 
661  if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
662  X509_EXTENSION_free(ext);
664  }
665  X509_EXTENSION_free(ext);
666  }
667 
668  return ary;
669 }
670 
671 /*
672  * call-seq:
673  * cert.add_extension(extension) => extension
674  */
675 static VALUE
677 {
678  X509 *x509;
679  X509_EXTENSION *ext;
680 
681  GetX509(self, x509);
682  ext = DupX509ExtPtr(extension);
683  if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
684  X509_EXTENSION_free(ext);
686  }
687  X509_EXTENSION_free(ext);
688 
689  return extension;
690 }
691 
692 static VALUE
694 {
695  VALUE subject = rb_inspect(ossl_x509_get_subject(self));
696  VALUE issuer = rb_inspect(ossl_x509_get_issuer(self));
697  VALUE serial = rb_inspect(ossl_x509_get_serial(self));
698  VALUE not_before = rb_inspect(ossl_x509_get_not_before(self));
699  VALUE not_after = rb_inspect(ossl_x509_get_not_after(self));
700  return rb_sprintf("#<%"PRIsVALUE": subject=%"PRIsVALUE", "
701  "issuer=%"PRIsVALUE", serial=%"PRIsVALUE", "
702  "not_before=%"PRIsVALUE", not_after=%"PRIsVALUE">",
703  RB_OBJ_CLASSNAME(self),
704  RB_OBJ_STRING(subject),
705  RB_OBJ_STRING(issuer),
706  RB_OBJ_STRING(serial),
707  RB_OBJ_STRING(not_before),
708  RB_OBJ_STRING(not_after));
709 }
710 
711 /*
712  * INIT
713  */
714 void
716 {
717 
718 #if 0
719  mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
721 #endif
722 
723  eX509CertError = rb_define_class_under(mX509, "CertificateError", eOSSLError);
724 
725  /* Document-class: OpenSSL::X509::Certificate
726  *
727  * Implementation of an X.509 certificate as specified in RFC 5280.
728  * Provides access to a certificate's attributes and allows certificates
729  * to be read from a string, but also supports the creation of new
730  * certificates from scratch.
731  *
732  * === Reading a certificate from a file
733  *
734  * Certificate is capable of handling DER-encoded certificates and
735  * certificates encoded in OpenSSL's PEM format.
736  *
737  * raw = File.read "cert.cer" # DER- or PEM-encoded
738  * certificate = OpenSSL::X509::Certificate.new raw
739  *
740  * === Saving a certificate to a file
741  *
742  * A certificate may be encoded in DER format
743  *
744  * cert = ...
745  * File.open("cert.cer", "wb") { |f| f.print cert.to_der }
746  *
747  * or in PEM format
748  *
749  * cert = ...
750  * File.open("cert.pem", "wb") { |f| f.print cert.to_pem }
751  *
752  * X.509 certificates are associated with a private/public key pair,
753  * typically a RSA, DSA or ECC key (see also OpenSSL::PKey::RSA,
754  * OpenSSL::PKey::DSA and OpenSSL::PKey::EC), the public key itself is
755  * stored within the certificate and can be accessed in form of an
756  * OpenSSL::PKey. Certificates are typically used to be able to associate
757  * some form of identity with a key pair, for example web servers serving
758  * pages over HTTPs use certificates to authenticate themselves to the user.
759  *
760  * The public key infrastructure (PKI) model relies on trusted certificate
761  * authorities ("root CAs") that issue these certificates, so that end
762  * users need to base their trust just on a selected few authorities
763  * that themselves again vouch for subordinate CAs issuing their
764  * certificates to end users.
765  *
766  * The OpenSSL::X509 module provides the tools to set up an independent
767  * PKI, similar to scenarios where the 'openssl' command line tool is
768  * used for issuing certificates in a private PKI.
769  *
770  * === Creating a root CA certificate and an end-entity certificate
771  *
772  * First, we need to create a "self-signed" root certificate. To do so,
773  * we need to generate a key first. Please note that the choice of "1"
774  * as a serial number is considered a security flaw for real certificates.
775  * Secure choices are integers in the two-digit byte range and ideally
776  * not sequential but secure random numbers, steps omitted here to keep
777  * the example concise.
778  *
779  * root_key = OpenSSL::PKey::RSA.new 2048 # the CA's public/private key
780  * root_ca = OpenSSL::X509::Certificate.new
781  * root_ca.version = 2 # cf. RFC 5280 - to make it a "v3" certificate
782  * root_ca.serial = 1
783  * root_ca.subject = OpenSSL::X509::Name.parse "/DC=org/DC=ruby-lang/CN=Ruby CA"
784  * root_ca.issuer = root_ca.subject # root CA's are "self-signed"
785  * root_ca.public_key = root_key.public_key
786  * root_ca.not_before = Time.now
787  * root_ca.not_after = root_ca.not_before + 2 * 365 * 24 * 60 * 60 # 2 years validity
788  * ef = OpenSSL::X509::ExtensionFactory.new
789  * ef.subject_certificate = root_ca
790  * ef.issuer_certificate = root_ca
791  * root_ca.add_extension(ef.create_extension("basicConstraints","CA:TRUE",true))
792  * root_ca.add_extension(ef.create_extension("keyUsage","keyCertSign, cRLSign", true))
793  * root_ca.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
794  * root_ca.add_extension(ef.create_extension("authorityKeyIdentifier","keyid:always",false))
795  * root_ca.sign(root_key, OpenSSL::Digest::SHA256.new)
796  *
797  * The next step is to create the end-entity certificate using the root CA
798  * certificate.
799  *
800  * key = OpenSSL::PKey::RSA.new 2048
801  * cert = OpenSSL::X509::Certificate.new
802  * cert.version = 2
803  * cert.serial = 2
804  * cert.subject = OpenSSL::X509::Name.parse "/DC=org/DC=ruby-lang/CN=Ruby certificate"
805  * cert.issuer = root_ca.subject # root CA is the issuer
806  * cert.public_key = key.public_key
807  * cert.not_before = Time.now
808  * cert.not_after = cert.not_before + 1 * 365 * 24 * 60 * 60 # 1 years validity
809  * ef = OpenSSL::X509::ExtensionFactory.new
810  * ef.subject_certificate = cert
811  * ef.issuer_certificate = root_ca
812  * cert.add_extension(ef.create_extension("keyUsage","digitalSignature", true))
813  * cert.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
814  * cert.sign(root_key, OpenSSL::Digest::SHA256.new)
815  *
816  */
817 
818  eX509CertError = rb_define_class_under(mX509, "CertificateError", eOSSLError);
819 
820  cX509Cert = rb_define_class_under(mX509, "Certificate", rb_cObject);
821 
823  rb_define_method(cX509Cert, "initialize", ossl_x509_initialize, -1);
825 
828  rb_define_alias(cX509Cert, "to_s", "to_pem");
847  rb_define_method(cX509Cert, "check_private_key", ossl_x509_check_private_key, 1);
850  rb_define_method(cX509Cert, "add_extension", ossl_x509_add_extension, 1);
852 }
853 
static long NUM2LONG(VALUE x)
Definition: ruby.h:510
VALUE mOSSL
Definition: ossl.c:250
static VALUE ossl_x509_get_signature_algorithm(VALUE self)
int i
Definition: win32ole.c:776
static VALUE ossl_x509_inspect(VALUE self)
int count
Definition: encoding.c:50
static VALUE ossl_x509_get_subject(VALUE self)
static VALUE ossl_x509_set_serial(VALUE self, VALUE num)
#define LONG2NUM(i)
Definition: cparse.c:72
#define Qtrue
Definition: ruby.h:366
EVP_PKEY * GetPrivPKeyPtr(VALUE obj)
Definition: ossl_pkey.c:146
#define ossl_str_adjust(str, p)
Definition: ossl.h:132
#define PRIsVALUE
Definition: bigdecimal.c:109
static VALUE ossl_x509_set_version(VALUE self, VALUE version)
VALUE rb_ary_push(VALUE ary, VALUE item)
Definition: array.c:740
static VALUE ossl_x509_copy(VALUE self, VALUE other)
static VALUE ossl_x509_get_extensions(VALUE self)
#define RB_OBJ_STRING(obj)
Definition: bigdecimal.c:111
static VALUE ossl_x509_add_extension(VALUE self, VALUE extension)
#define RSTRING_PTR(string)
Definition: generator.h:42
VALUE rb_define_class_under(VALUE outer, const char *name, VALUE super)
Defines a class under the namespace of outer.
Definition: class.c:515
#define Check_Type(v, t)
Definition: ruby.h:459
static VALUE ossl_x509_set_not_after(VALUE self, VALUE time)
void rb_define_alloc_func(VALUE, rb_alloc_func_t)
VALUE cX509Ext
Definition: ossl_x509ext.c:45
#define RARRAY_LEN(ARRAY)
Definition: generator.h:39
#define DATA_PTR(dta)
Definition: ruby.h:795
VALUE asn1time_to_time(ASN1_TIME *time)
Definition: ossl_asn1.c:32
#define T_ARRAY
Definition: ruby.h:420
X509_EXTENSION * DupX509ExtPtr(VALUE)
Definition: ossl_x509ext.c:82
VALUE ossl_membio2str(BIO *bio)
Definition: ossl_bio.c:77
VALUE ossl_x509_new(X509 *x509)
Definition: ossl_x509cert.c:40
VALUE ossl_pkey_new(EVP_PKEY *pkey)
Definition: ossl_pkey.c:40
X509_NAME * GetX509NamePtr(VALUE)
Definition: ossl_x509name.c:64
time_t time_to_time_t(VALUE time)
Definition: ossl_asn1.c:85
Win32OLEIDispatch * p
Definition: win32ole.c:778
#define rb_define_copy_func(klass, func)
Definition: ruby_missing.h:14
#define OSSL_Warning
Definition: ossl.h:206
static VALUE ossl_x509_set_not_before(VALUE self, VALUE time)
#define GetX509(obj, x509)
Definition: ossl_x509cert.c:19
VALUE ossl_to_der_if_possible(VALUE obj)
Definition: ossl.c:274
RUBY_EXTERN VALUE rb_cObject
Definition: ruby.h:1246
VALUE rb_ary_new(void)
Definition: array.c:339
#define OSSL_BIO_reset(bio)
Definition: ossl.h:149
const EVP_MD * GetDigestPtr(VALUE obj)
Definition: ossl_digest.c:36
VALUE eOSSLError
Definition: ossl.c:255
int argc
Definition: ruby.c:120
#define Qfalse
Definition: ruby.h:365
static VALUE ossl_x509_get_issuer(VALUE self)
VALUE ossl_x509ext_new(X509_EXTENSION *)
Definition: ossl_x509ext.c:53
arg
Definition: ripper.y:1287
VALUE cX509Cert
Definition: ossl_x509cert.c:33
X509 * DupX509CertPtr(VALUE obj)
void rb_define_alias(VALUE klass, const char *name1, const char *name2)
Defines an alias of a method.
Definition: class.c:1385
int errno
static VALUE ossl_x509_set_subject(VALUE self, VALUE subject)
VALUE rb_sprintf(const char *format,...)
Definition: sprintf.c:1203
static VALUE ossl_x509_get_public_key(VALUE self)
BIO * ossl_obj2bio(VALUE obj)
Definition: ossl_bio.c:17
static VALUE ossl_x509_set_public_key(VALUE self, VALUE key)
static VALUE ossl_x509_set_extensions(VALUE self, VALUE ary)
int rb_scan_args(int argc, const VALUE *argv, const char *fmt,...)
Definition: class.c:1416
VALUE eX509CertError
Definition: ossl_x509cert.c:34
unsigned long VALUE
Definition: ruby.h:88
#define SafeGetX509(obj, x509)
Definition: ossl_x509cert.c:25
static VALUE ossl_x509_sign(VALUE self, VALUE key, VALUE digest)
VALUE ossl_x509req_new(X509_REQ *)
Definition: ossl_x509req.c:40
register unsigned int len
Definition: name2ctype.h:22210
#define RARRAY_PTR(ARRAY)
Definition: generator.h:36
VALUE mX509
Definition: ossl_x509.c:13
static VALUE ossl_x509_check_private_key(VALUE self, VALUE key)
#define OSSL_ErrMsg()
Definition: ossl.h:155
VALUE rb_define_module_under(VALUE outer, const char *name)
Definition: class.c:607
static VALUE ossl_x509_verify(VALUE self, VALUE key)
#define RB_OBJ_CLASSNAME(obj)
Definition: bigdecimal.c:110
static VALUE ossl_x509_get_version(VALUE self)
#define OSSL_Check_Kind(obj, klass)
Definition: ossl.h:90
uint8_t key[16]
Definition: random.c:1284
RUBY_EXTERN char * strerror(int)
Definition: strerror.c:11
static VALUE ossl_x509_get_not_before(VALUE self)
static VALUE ossl_x509_get_serial(VALUE self)
static VALUE ossl_x509_to_der(VALUE self)
void ossl_raise(VALUE exc, const char *fmt,...)
Definition: ossl.c:324
static VALUE ossl_x509_to_text(VALUE self)
EVP_PKEY * GetPKeyPtr(VALUE obj)
Definition: ossl_pkey.c:136
#define SafeStringValue(v)
Definition: ruby.h:472
VALUE rb_ary_new2(long capa)
Definition: array.c:332
static VALUE ossl_x509_initialize(int argc, VALUE *argv, VALUE self)
const char * name
Definition: nkf.c:208
VALUE rb_inspect(VALUE)
Definition: object.c:372
VALUE ossl_x509name_new(X509_NAME *)
Definition: ossl_x509name.c:45
#define rb_check_frozen(obj)
Definition: intern.h:242
void Init_ossl_x509cert()
static void version(void)
Definition: nkf.c:874
VALUE asn1integer_to_num(ASN1_INTEGER *ai)
Definition: ossl_asn1.c:105
static VALUE ossl_x509_alloc(VALUE klass)
X509 * GetX509CertPtr(VALUE obj)
Definition: ossl_x509cert.c:91
static VALUE ossl_x509_set_issuer(VALUE self, VALUE issuer)
VALUE rb_define_module(const char *name)
Definition: class.c:587
static VALUE ossl_x509_to_pem(VALUE self)
#define NULL
Definition: _sdbm.c:107
void rb_define_method(VALUE klass, const char *name, VALUE(*func)(ANYARGS), int argc)
Definition: class.c:1210
#define WrapX509(klass, obj, x509)
Definition: ossl_x509cert.c:13
VALUE ossl_x509_new_from_file(VALUE filename)
Definition: ossl_x509cert.c:59
char ** argv
Definition: ruby.c:121
static VALUE ossl_x509_get_not_after(VALUE self)
VALUE rb_str_new(const char *, long)
Definition: string.c:410
ASN1_INTEGER * num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
Definition: ossl_asn1.c:157