author | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-01-10 00:43:38 +0000 |
---|---|---|
committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-01-10 00:43:38 +0000 |
commit | c8c2b576e89e238a6aead38b3cc40a2d3f07f751 (patch) | |
tree | b74df95f5df51dffcc40ba6b9df310f7f502dc4d | |
parent | c7018dfc98fa5ef076caf6dc3186e7271a862be3 (diff) | |
* OpenSSL 0.9.6c support (BN)
* MS_CALLBACK to ossl_pkey_*.c
* Memory checking with OSSL_DEBUG
* API doc style change
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | README | 177 | ||||
-rw-r--r-- | lib/openssl.rb | 131 | ||||
-rw-r--r-- | missing/strptime.c | 4 | ||||
-rw-r--r-- | ossl.c | 10 | ||||
-rw-r--r-- | ossl_bn.c | 40 | ||||
-rw-r--r-- | ossl_config.c | 1 | ||||
-rw-r--r-- | ossl_pkcs7.c | 27 | ||||
-rw-r--r-- | ossl_pkey_dsa.c | 2 | ||||
-rw-r--r-- | ossl_pkey_rsa.c | 2 | ||||
-rw-r--r-- | ossl_ssl.c | 2 | ||||
-rw-r--r-- | ossl_x509store.c | 3 |
12 files changed, 230 insertions, 175 deletions
@@ -4,6 +4,12 @@ Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz> All rights reserved. $Log$ +Revision 1.20 2002/01/10 00:44:17 majkl + * OpenSSL 0.9.6c support (BN) + * MS_CALLBACK to ossl_pkey_*.c + * Memory checking with OSSL_DEBUG + * API doc style change + Revision 1.19 2002/01/06 16:18:32 majkl * ossl-0.1.0 released @@ -1,10 +1,16 @@ $Id$ 'OpenSSL for Ruby' project -Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz> +Copyright (C) 2001,2002 'OpenSSL for Ruby' team All rights reserved. - This program is licenced under the same licence as Ruby. (See the file 'LICENCE'.) + +[Team members] +GOTOU Yuuzou <gotoyuzo@notwork.org> - SSL Socket implementation +Michal Rokos <m.rokos@sh.cvut.cz> - The rest (too long to enumerate) + +[Contributors] +UNKNOWN <oss-ruby@technorama.net>oss-ruby@technorama.net - BN implementation [Done] (but not fully tested) = PKey:: RSA,DSA keys - new, load, export @@ -66,7 +72,7 @@ This program is licenced under the same licence as Ruby. Sorry, not done. See 'test' folder's examples and grep C sources for rb_define_*method :-)) -------------------------------------------------- -=> XXX - XXX is return value +-> XXX - XXX is return value A <=> B - A is an alias to B [XXX] - argument XXX is optional A|B - argument can be A or B @@ -75,17 +81,17 @@ cXXX - XXX is defined as constant fXXX - XXX is Fixnum hXXX - XXX is Hash nXXX - XXX is Number (Fixnum or Bignum) -oXXX - argument.kind_of?(XXX) => true +oXXX - argument.kind_of?(XXX) -> true sXXX - XXX is String tXXX - XXX is instance of Time -------------------------------------------------- Integer - .to_bn() => BN.new + .to_bn() -> BN.new OpenSSL:: - .seed(sSeed) => sSeed - .load_random_file(sFilename) => bResult - .write_random_file(sFilename) => bResult + .seed(sSeed) -> sSeed + .load_random_file(sFilename) -> bResult + .write_random_file(sFilename) -> bResult BN - Doc TODO! 
@@ -104,19 +110,21 @@ OpenSSL:: RC4 (nil, UNSPEC, BIT40) RC5 (ECB, CFB, OFB, CBC) .new([cMode|cType] [,cType|cMode]) - .encrypt(sPassword [, sInitVector]) => self - .decrypt(sPassword [, sInitVector]) => self - .update(sData) => s(En|De)crypted + ---------------------------------- + .encrypt(sPassword [, sInitVector]) -> self + .decrypt(sPassword [, sInitVector]) -> self + .update(sData) -> s(En|De)crypted .<< <=> .update - .cipher() => s(En|De)cryptedFinal + .cipher() -> s(En|De)cryptedFinal CipherError Config .new(sFilename) - dispatches .load .load(sFilename) - .get_value(sSection|nil, sKey) => sValue - .get_section(sSection) => hSection + ---------------------------------- + .get_value(sSection|nil, sKey) -> sValue + .get_section(sSection) -> hSection ConfigError @@ -131,21 +139,23 @@ OpenSSL:: DSS DSS1 .new([sData]) - .update(sData) => self + ---------------------------------- + .update(sData) -> self .<< <=> .update - .digest() => sDigestFinal - .hexdigest() => sHEXDigestFinal + .digest() -> sDigestFinal + .hexdigest() -> sHEXDigestFinal .inspect <=> .hexdigest .to_str <=> .hexdigest DigestError HMAC - .new(sKey, oDigest::ANY) => self - .update(sData) => self + .new(sKey, oDigest::ANY) -> self + ---------------------------------- + .update(sData) -> self .<< <=> .update - .hmac() => sHMACFinal - .hexhmac() => sHEXHMACFinal + .hmac() -> sHMACFinal + .hexhmac() -> sHEXHMACFinal .inspect <=> .hexhmac .to_str <=> .hexhmac 
@@ -154,14 +164,15 @@ OpenSSL:: Netscape:: SPKI .new([sPEM]) - .to_pem() => sPEM - .to_str() => sHumanReadable - .public_key() => oPKey::ANY - .public_key=(oPKey::ANY) => oPKey::ANY - .sign(oPKey::ANY, oDigest::ANY) => self - .verify(oPKey::ANY) => bResult - .challenge() => sChallenge - .challenge=(sChallenge) => sChallenge + ---------------------------------- + .to_pem() -> sPEM + .to_str() -> sHumanReadable + .public_key() -> oPKey::ANY + .public_key=(oPKey::ANY) -> oPKey::ANY + .sign(oPKey::ANY, oDigest::ANY) -> self + .verify(oPKey::ANY) -> bResult + .challenge() -> sChallenge + .challenge=(sChallenge) -> sChallenge SPKIError @@ -171,22 +182,24 @@ OpenSSL:: PKCS7 .new(cType|sPEM) - .cipher=(oCipher::ANY) => oCipher::ANY - .add_signer(oPKCS7::Signer, oPKey::ANY) => self - .signers() => Array of PKCS7::Signer - .add_recipient(oX509::Certificate) => self - .add_certificate(oX509::Certificate) => self - .add_crl(oX509::CRL) => self - .add_data(sData [, bDetached]) => self - .verify_data(oX509::Store [, sDetachedData]) => bResult, yields PKCS7::Signer - .decode_data(oPKey::ANY, oX509::Certificate) => sData - .to_pem() => sPEM + ---------------------------------- + .cipher=(oCipher::ANY) -> oCipher::ANY + .add_signer(oPKCS7::Signer, oPKey::ANY) -> self + .signers() -> Array of PKCS7::Signer + .add_recipient(oX509::Certificate) -> self + .add_certificate(oX509::Certificate) -> self + .add_crl(oX509::CRL) -> self + .add_data(sData [, bDetached]) -> self + .verify_data(oX509::Store [, sDetachedData]) -> bResult, yields PKCS7::Signer + .decode_data(oPKey::ANY, oX509::Certificate) -> sData + .to_pem() -> sPEM Signer .new(oX509::Certificate, oPKey::ANY, oDigest::ANY) - .name() => X509::Name - .serial() => fSerial - .signed_time() => tTime + ---------------------------------- + .name() -> X509::Name + .serial() -> fSerial + .signed_time() -> tTime PKCS7Error 
@@ -198,17 +211,18 @@ OpenSSL:: .new_from_pem(sPEM [, sPassword]) .generate(fKeyLen) - yields |p,n| .new_from_fixnum <=> generate - .public?() => bResult - .private?() => bResult - .to_str() => sHumanReadable - .export([oCipher::ANY [, sPassword]]) => sPEM + ---------------------------------- + .public?() -> bResult + .private?() -> bResult + .to_str() -> sHumanReadable + .export([oCipher::ANY [, sPassword]]) -> sPEM .to_pem <=> .export - .public_key() => oPKey::ANY - .to_der() => sDER - .sign(oDigest::ANY, sData) => sSig - .sign_digest(sDigest) => sSig - .verify(oDigest::ANY, sData, sSig) => bResult - .verify_digest(sDigest, sSig) => bResult + .public_key() -> oPKey::ANY + .to_der() -> sDER + .sign(oDigest::ANY, sData) -> sSig + .sign_digest(sDigest) -> sSig + .verify(oDigest::ANY, sData, sSig) -> bResult + .verify_digest(sDigest, sSig) -> bResult DSAError 
@@ -217,27 +231,30 @@ OpenSSL:: .new_from_pem(sPEM [, sPassword]) .generate(fKeyLen) - yields |p,n| .new_from_fixnum <=> generate - .public?() => bResult - .private?() => bResult - .to_str() => sHumanReadable - .export([oCipher::ANY [, sPassword]]) => sPEM + ---------------------------------- + .public?() -> bResult + .private?() -> bResult + .to_str() -> sHumanReadable + .export([oCipher::ANY [, sPassword]]) -> sPEM .to_pem <=> .export - .public_key() => oPKey::ANY - .public_encrypt(sData) => sEnc - .public_decrypt(sEnrypted) => sData - .private_encrypt(sData) => sEnc - .private_decrypt(sEncrypted) => sData - .to_der() => sDER - .sign(oDigest::ANY, sData) => sSig - .verify(oDigest::ANY, sData, sSig) => bResult + .public_key() -> oPKey::ANY + .public_encrypt(sData) -> sEnc + .public_decrypt(sEnrypted) -> sData + .private_encrypt(sData) -> sEnc + .private_decrypt(sEncrypted) -> sData + .to_der() -> sDER + .sign(oDigest::ANY, sData) -> sSig + .verify(oDigest::ANY, sData, sSig) -> bResult RSAError Random - .seed(sSeed) => sSeed - .load_random_file(sFilename) => bResult - .write_random_file(sFilename) => bResult - .random_bytes(fLen) => sRandom + .new is default + ---------------------------------- + .seed(sSeed) -> sSeed + .load_random_file(sFilename) -> bResult + .write_random_file(sFilename) -> bResult + .random_bytes(fLen) -> sRandom RandomError @@ -251,6 +268,7 @@ OpenSSL:: .new_from_string("oid = value") .new_from_array(["oid", "value"]) .new_from_hash({"oid"=>"oid", "value"=>"val"}) + ---------------------------------- AttributeError 
@@ -264,27 +282,30 @@ OpenSSL:: Extension - Doc TODO! .new is DISABLED! - .to_str => string as "oid = critical, value" - .to_a => ary as ["oid", "value", critical], critical as bool - .to_h => hash as {"oid"=>"oid", "value"=>"val", "critical"=>bool} + ---------------------------------- + .to_str -> string as "oid = critical, value" + .to_a -> ary as ["oid", "value", critical], critical as bool + .to_h -> hash as {"oid"=>"oid", "value"=>"val", "critical"=>bool} ExtensionFactory - Doc TODO! .new(...) + ---------------------------------- .create_extension(*arg) .create_ext_from_string(str) - .create_ext_from_ary(ary) => X509::Extension, ary as ["oid", "value", critical], critical as bool + .create_ext_from_ary(ary) -> X509::Extension, ary as ["oid", "value", critical], critical as bool .create_ext_from_hash(hash) ExtensionError Name - Doc TODO! .new(arg) dispatches "new_from_#{arg.type.name.downcase}" - .new_from_string(str) => self, str as "/A=B/C=D/E=F" - .new_from_array(ary) => self, ary as [["A","B"],["C","D"],["E","F"]] - .new_from_hash(hash) => self, hash as {"A"=>"B","C"=>"D","E"=>"F"} - .to_str => str as "/A=B/C=D/E=F" - .to_a => ary as [["A","B"],["C","D"],["E","F"]] - .to_h => hash as {"A"=>"B","C"=>"D","E"=>"F"} + .new_from_string(str) -> self, str as "/A=B/C=D/E=F" + .new_from_array(ary) -> self, ary as [["A","B"],["C","D"],["E","F"]] + .new_from_hash(hash) -> self, hash as {"A"=>"B","C"=>"D","E"=>"F"} + ---------------------------------- + .to_str -> str as "/A=B/C=D/E=F" + .to_a -> ary as [["A","B"],["C","D"],["E","F"]] + .to_h -> hash as {"A"=>"B","C"=>"D","E"=>"F"} NameError diff --git a/lib/openssl.rb b/lib/openssl.rb index eab3742..57df6b5 100644 --- a/lib/openssl.rb +++ b/lib/openssl.rb 
@@ -7,72 +7,72 @@ require 'thread' module OpenSSL module PKey class DSA - def DSA.new(arg, pass=nil) + def DSA::new(arg, pass=nil) if arg.kind_of? Fixnum - DSA.generate(arg) {|p,n| + DSA::generate(arg) {|p,n| if block_given? then yield [p,n] end } else - DSA.new_from_pem(arg, pass) + DSA::new_from_pem(arg, pass) end - end # DSA.new + end # DSA::new # - # new_from_pem(PEM string, pass) is built-in - # new_from_fixnum(size) is an alias to generate(size) - # generate(size) is built-in; yields p,n + # DSA::new_from_pem(PEM string, pass) is built-in + # DSA::new_from_fixnum(size) is an alias to DSA::generate(size) + # DSA::generate(size) is built-in; yields p,n # def sign(digest, data) unless self.private? raise OpenSSL::PKey::DSAError, "Cannot sign with public key!" end unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class.name})" + raise TypeError, "digest alg needed! (got #{digest.class})" end self.sign_digest digest.update(data.to_s).digest end # sign def verify(digest, signature, data) unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class.name})" + raise TypeError, "digest alg needed! (got #{digest.class})" end - unless signature.type == String - raise TypeError, "Signature as String expected (got #{sign.class.name})" + unless signature.class == String + raise TypeError, "Signature as String expected (got #{sign.class})" end self.verify_digest(digest.update(data.to_s).digest, signature) end # verify end # DSA class RSA - def RSA.new(arg, pass=nil) + def RSA::new(arg, pass=nil) if arg.kind_of? Fixnum - RSA.generate(arg) {|p,n| + RSA::generate(arg) {|p,n| if block_given? 
then yield [p,n] end } else - RSA.new_from_pem(arg, pass) + RSA::new_from_pem(arg, pass) end - end # RSA.new + end # RSA::new # - # new_from_pem(PEM string, pass) is built-in - # new_from_fixnum(size) is an alias to generate(size) - # generate(size) is built-in; yields p,n + # RSA::new_from_pem(PEM string, pass) is built-in + # RSA::new_from_fixnum(size) is an alias to RSA::generate(size) + # RSA::generate(size) is built-in; yields p,n # def sign(digest, data) unless self.private? raise OpenSSL::PKey::RSAError, "Cannot sign with public key!" end unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class.name})" + raise TypeError, "digest alg needed! (got #{digest.class})" end self.private_encrypt digest.update(data.to_s).digest end # sign def verify(digest, signature, data) unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class.name})" + raise TypeError, "digest alg needed! (got #{digest.class})" end - unless signature.type == String - raise TypeError, "Signature as String expected (got #{sign.class.name})" + unless signature.class == String + raise TypeError, "Signature as String expected (got #{sign.class})" end md_s = self.public_decrypt signature md_d = digest.update(data.to_s).digest 
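Review bot: In both `verify` methods (DSA and RSA) the signature type check interpolates `sign.class`, but `sign` is the object's own two-argument signing method, not a local, so a non-String signature would most likely surface as an ArgumentError from calling `sign` without arguments instead of the intended TypeError; it should read `raise TypeError, "Signature as String expected (got #{signature.class})"`. The test `signature.class == String` also rejects String subclasses, which `signature.kind_of? String` would accept. Separately, the README in this commit documents `.verify(oDigest::ANY, sData, sSig)` while both methods are declared `verify(digest, signature, data)`; one of the two should change so callers do not pass signature and data swapped. The RSA `verify` body continues past the end of this hunk.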
@@ -98,28 +98,39 @@ module OpenSSL module X509 class Name - def Name.new(arg) - Name.send("new_from_#{arg.type.name.downcase}", arg) + def Name::new(arg) + type = arg.class + while type + method = "new_from_#{type.name.downcase}".intern + return Name::send(method, arg) if Name::respond_to? method + type = type.superclass + end + raise TypeError, "Don't how to make new #{self} from #{arg.class}" + ###Name::send("new_from_#{arg.class.name.downcase}", arg) end # - # Name.new_from_hash(hash) is built-in method + # Name::new_from_hash(hash) is built-in method # - def Name.new_from_string(str) # we're expecting string like "/A=B/C=D/E=F" - hash = {} - ary = [] # speed optim. - str.split("/")[1..-1].each do |item| # first item is "" - so skip it - ary = item.split("=") - hash[ary[0]] = ary[1] - end - Name.new_from_hash(hash) + def Name::new_from_string(str) # we're expecting string like "/A=B/C=D/E=F" + hash = Hash::new + key = val = nil # speed optim. + ary = str.split("/") + ary.shift # first item is "" - so skip it + ary.each {|item| + key, val = item.split("=") + hash[key] = val + } + Name::new_from_hash(hash) + ###ary.collect! {|item| item.split("=") } + ###Name::new_from_array(ary) end - def Name.new_from_array(ary) # [["A","B"],["C","D"],["E","F"]] - hash = {} - ary.each do |item| - hash[item[0]] = item[1] - end - Name.new_from_hash(hash) + def Name::new_from_array(ary) # [["A","B"],["C","D"],["E","F"]] + hash = Hash::new + ary.each {|key, val| + hash[key] = val + } + Name::new_from_hash(hash) end # # to_h is built-in method 
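Review bot: `Name::new_from_string` still parses each component with `item.split("=")`, so a value that itself contains `=` is cut at the second `=`; `key, val = item.split("=", 2)` keeps the whole value. Both `new_from_string` and `new_from_array` then funnel into `new_from_hash`, so a repeated attribute type (two `OU` components, say) keeps only the last one, and component order depends on Hash iteration. A distinguished name that silently changes while being parsed is a problem once it is compared or signed, so this deserves at least a comment stating the limitation. In `Name::new` above, the message `"Don't how to make new ..."` is missing the word "know"; the same typo is in `create_extension` and `Attribute::new`.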
@@ -141,7 +152,14 @@ module OpenSSL class ExtensionFactory def create_extension(*arg) if arg.size == 1 then arg = arg[0] end - send("create_ext_from_#{arg.type.name.downcase}", arg) + type = arg.class + while type + method = "create_ext_from_#{type.name.downcase}".intern + return send(method, arg) if respond_to? method + type = type.superclass + end + raise TypeError, "Don't how to create ext from #{arg.class}" + ###send("create_ext_from_#{arg.class.name.downcase}", arg) end # # create_ext_from_array is built-in 
@@ -205,37 +223,44 @@ module OpenSSL end # Extension class Attribute - def Attribute.new(arg) - Attribute.send("new_from_#{arg.type.name.downcase}", arg) + def Attribute::new(arg) + type = arg.class + while type + method = "new_from_#{type.name.downcase}".intern + return Attribute::send(method, arg) if Attribute::respond_to? method + type = type.superclass + end + raise "Don't how to make new #{self} from #{arg.class}" + ###Attribute::send("new_from_#{arg.class.name.downcase}", arg) end # - # Attribute.new_from_array(ary) is built-in method + # Attribute::new_from_array(ary) is built-in method # - def Attribute.new_from_string(str) # "oid = value" + def Attribute::new_from_string(str) # "oid = value" unless str =~ /\s*=\s*/ raise ArgumentError, "string in format \"oid = value\" expected" end ary = [] ary << $`.sub(/^\s*/,"") # delete whitespaces from the beginning ary << $'.sub(/\s*$/,"") # delete them from the end - Attribute.new_from_array(ary) + Attribute::new_from_array(ary) end - def Attribute.new_from_hash(hash) # {"oid"=>"...", "value"=>"..."} + def Attribute::new_from_hash(hash) # {"oid"=>"...", "value"=>"..."} unless (hash.has_key? "oid" and hash.has_key? "value") raise ArgumentError, "hash in format {\"oid\"=>..., \"value\"=>...} expected" end ary = [] ary << hash["oid"] ary << hash["value"] - Attribute.new_from_array(ary) + Attribute::new_from_array(ary) end end # Attribute end # X509 class BN - def BN.new(arg) - BN.new_from_dec(arg.to_s) + def BN::new(arg) + BN::new_from_dec(arg.to_s) end alias :to_str :to_dec @@ -244,17 +269,11 @@ module OpenSSL self.to_str.to_i end end # BN - - class Config - def Config.new(filename) - Config.load(filename) - end - end #Config end # OpenSSL class Integer def to_bn - OpenSSL::BN.new(self) + OpenSSL::BN::new(self) end end # Integer diff --git a/missing/strptime.c b/missing/strptime.c index 15d9268..29768e8 100644 --- a/missing/strptime.c +++ b/missing/strptime.c 
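Review bot: `Attribute::new` ends its lookup loop with a bare `raise "Don't how to make new ..."`, which produces a RuntimeError, while the identical loops added to `Name::new` and `ExtensionFactory#create_extension` raise `TypeError`; a caller rescuing TypeError for unsupported argument types will miss this one. Make it `raise TypeError, "Don't know how to make new #{self} from #{arg.class}"`. All three loops call `type.name.downcase` on every ancestor, so it is worth deciding what should happen for a class whose `name` is nil or empty (an anonymous class); presumably it should be skipped rather than turned into a method name.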
@@ -36,10 +36,6 @@ #include <ctype.h> #include <string.h> -#ifndef HAVE_STRNCASECMP -# include "./strncasecmp.c" -#endif - /* #if !defined(WIN32) # include "common/config.h" @@ -15,6 +15,9 @@ * implementation in strptime.c */ #ifndef HAVE_STRPTIME +# ifndef HAVE_STRNCASECMP +# include "./missing/strncasecmp.c" +# endif # include "./missing/strptime.c" #endif @@ -81,6 +84,13 @@ VALUE mPKCS7; void Init_openssl() { +#if defined(OSSL_DEBUG) + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); +#endif + + /* + * Init all digests, ciphers + */ OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); @@ -481,23 +481,28 @@ BIGNUM_SHIFT(rshift); BIGNUM_RAND(rand); BIGNUM_RAND(pseudo_rand); -static VALUE -ossl_bn_s_rand_range(VALUE klass, VALUE range) -{ - ossl_bn *bnp = NULL; - BIGNUM *result = NULL; - - OSSL_Check_Type(range, cBN); - GetBN(range, bnp); - - if (!(result = BN_new())) - OSSL_Raise(eBNError, ""); - - if (!BN_rand_range(result, bnp->bignum)) - OSSL_Raise(eBNError, ""); - - return ossl_bn_new_nodup(result); +#define BIGNUM_RAND_RANGE(func) \ + static VALUE \ + ossl_bn_s_##func##_range(VALUE klass, VALUE range) \ + { \ + ossl_bn *bnp = NULL; \ + BIGNUM *result = NULL; \ + \ + OSSL_Check_Type(range, cBN); \ + GetBN(range, bnp); \ + \ + if (!(result = BN_new())) \ + OSSL_Raise(eBNError, ""); \ + \ + if (!BN_##func##_range(result, bnp->bignum)) \ + OSSL_Raise(eBNError, ""); \ + \ + return ossl_bn_new_nodup(result); \ } +BIGNUM_RAND_RANGE(rand); +#if OPENSSL_VERSION_NUMBER >= 0x0090603fL /* "OpenSSL 0.9.6c 21 dec 2001" */ + BIGNUM_RAND_RANGE(pseudo_rand); +#endif static VALUE ossl_bn_s_generate_prime(int argc, VALUE *argv, VALUE klass) 
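Review bot: `CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)` in `Init_openssl` only switches allocation tracking on; nothing visible in this hunk reports the result, so unless a leak dump such as `CRYPTO_mem_leaks_fp(stderr)` is registered elsewhere, an OSSL_DEBUG build collects data that nobody reads. A comment on the `#if defined(OSSL_DEBUG)` block should say where the report is produced and that the switch is meant for debug builds only, for example `/* OSSL_DEBUG: track OpenSSL allocations; leaks are reported by <reporting hook> */`. The body of `Init_openssl` continues outside the hunk.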
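Review bot: In `BIGNUM_RAND_RANGE` the BIGNUM obtained from `BN_new()` is not released when `BN_##func##_range()` fails; `OSSL_Raise` presumably raises a Ruby exception and does not return, so `result` leaks on that path. Free it first: `if (!BN_##func##_range(result, bnp->bignum)) { BN_free(result); OSSL_Raise(eBNError, ""); }` (keeping the macro's line continuations). A one-line comment above `BIGNUM_RAND_RANGE(pseudo_rand)` noting that the pseudo-random variant is not intended for key material would also help readers of the Ruby API.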
@@ -696,6 +701,9 @@ Init_bn(VALUE module) rb_define_singleton_method(cBN, "rand", ossl_bn_s_rand, 3); rb_define_singleton_method(cBN, "pseudo_rand", ossl_bn_s_pseudo_rand, 3); rb_define_singleton_method(cBN, "rand_range", ossl_bn_s_rand_range, 1); +#if OPENSSL_VERSION_NUMBER >= 0x0090603fL /* "OpenSSL 0.9.6c 21 dec 2001" */ + rb_define_singleton_method(cBN, "pseudo_rand_range", ossl_bn_s_pseudo_rand_range, 1); +#endif rb_define_singleton_method(cBN, "generate_prime", ossl_bn_s_generate_prime, -1); rb_define_method(cBN, "num_bytes", ossl_bn_num_bytes, 0); diff --git a/ossl_config.c b/ossl_config.c index df7d0c5..6ba188b 100644 --- a/ossl_config.c +++ b/ossl_config.c @@ -140,6 +140,7 @@ Init_ossl_config(VALUE module) cConfig = rb_define_class_under(module, "Config", rb_cObject); rb_define_singleton_method(cConfig, "load", ossl_config_s_load, -1); + rb_define_alias(CLASS_OF(cConfig), "new", "load"); rb_define_method(cConfig, "get_value", ossl_config_get_value, 2); rb_define_method(cConfig, "get_section", ossl_config_get_section, 1); diff --git a/ossl_pkcs7.c b/ossl_pkcs7.c index 8c09aab..407d106 100644 --- a/ossl_pkcs7.c +++ b/ossl_pkcs7.c @@ -228,14 +228,6 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) return self; } -/* - * -static VALUE ossl_pkcs7_set_type(VALUE self, VALUE type) -{ - PKCS7_set_type(p7, NID); -} - */ - static VALUE ossl_pkcs7_set_cipher(VALUE self, VALUE cipher) { @@ -354,7 +346,7 @@ ossl_pkcs7_add_certificate(VALUE self, VALUE cert) x509 = ossl_x509_get_X509(cert); - if (!PKCS7_add_certificate(p7p->pkcs7, x509)) { + if (!PKCS7_add_certificate(p7p->pkcs7, x509)) { /* DUPs x509 - free it! */ X509_free(x509); rb_raise(ePKCS7Error, "%s", ossl_error()); } @@ -373,7 +365,7 @@ ossl_pkcs7_add_crl(VALUE self, VALUE x509crl) crl = ossl_x509crl_get_X509_CRL(x509crl); - if (!PKCS7_add_crl(p7p->pkcs7, crl)) { + if (!PKCS7_add_crl(p7p->pkcs7, crl)) { /* DUPs crl - free it! */ X509_CRL_free(crl); rb_raise(ePKCS7Error, "%s", ossl_error()); } 
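Review bot: The new comment `/* DUPs x509 - free it! */` in `ossl_pkcs7_add_certificate` (and the matching `/* DUPs crl - free it! */` in `ossl_pkcs7_add_crl`) sits on the `if` line, but the only release visible in the hunk is the one inside the failure branch. If the intent is that `PKCS7_add_certificate` keeps its own reference on success, the comment belongs next to the release on the success path, which lies outside this hunk; please confirm that path frees `x509` and `crl` too, otherwise each successful add leaks one object. Suggested wording: `/* PKCS7_add_certificate() keeps its own reference; our copy must be freed on both paths */`.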
@@ -388,17 +380,17 @@ ossl_pkcs7_add_data(int argc, VALUE *argv, VALUE self) ossl_pkcs7 *p7p = NULL; BIO *bio = NULL; int i; - VALUE data, detached; + VALUE data, detach; GetPKCS7(self, p7p); - rb_scan_args(argc, argv, "11", &data, &detached); + rb_scan_args(argc, argv, "11", &data, &detach); Check_SafeStr(data); PKCS7_content_new(p7p->pkcs7, NID_pkcs7_data); - if (detached == Qtrue) + if (detach == Qtrue) PKCS7_set_detached(p7p->pkcs7, 1); if (!(bio=PKCS7_dataInit(p7p->pkcs7, NULL))) { @@ -464,7 +456,7 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) i = BIO_read(bio, buf, sizeof(buf)); if (i <= 0) break; } - /*BIO_free(bio);*/ + /*BIO_free(bio); - shall we?*/ if (!(sk = PKCS7_get_signer_info(p7p->pkcs7))) rb_raise(ePKCS7Error, "NO SIGNATURES ON THIS DATA"); @@ -473,13 +465,11 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) si = sk_PKCS7_SIGNER_INFO_value(sk, i); result = PKCS7_dataVerify(store, &ctx, bio, p7p->pkcs7, si); if (result <= 0) { - rb_warning("PKCS7::PKCS7.verify_data(): %s", ossl_error()); + OSSL_Warning("PKCS7::PKCS7.verify_data():"); return Qfalse; } - /* - * Yeld signer info - */ + /* Yield signer info */ if (rb_block_given_p()) rb_yield(ossl_pkcs7si_new(si)); } @@ -588,6 +578,7 @@ ossl_pkcs7si_initialize(int argc, VALUE *argv, VALUE self) if (rb_funcall(key, rb_intern("private?"), 0, NULL) != Qtrue) { rb_raise(ePKCS7Error, "private key needed!"); } + pkey = ossl_pkey_get_EVP_PKEY(key); x509 = ossl_x509_get_X509(cert); diff --git a/ossl_pkey_dsa.c b/ossl_pkey_dsa.c index 6586fe1..484bf01 100644 --- a/ossl_pkey_dsa.c +++ b/ossl_pkey_dsa.c @@ -167,7 +167,7 @@ ossl_dsa_s_new_from_pem(int argc, VALUE *argv, VALUE klass) /* * CB for yielding when generating DSA params */ -static void +static void MS_CALLBACK ossl_dsa_generate_cb(int p, int n, void *arg) { VALUE ary; diff --git a/ossl_pkey_rsa.c b/ossl_pkey_rsa.c index 66ffa79..0f32e5d 100644 --- a/ossl_pkey_rsa.c +++ b/ossl_pkey_rsa.c 
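Review bot: The commented-out `BIO_free(bio)` in `ossl_pkcs7_data_verify` (now marked `- shall we?`) cannot be enabled where it stands, because `bio` is still passed to `PKCS7_dataVerify(store, &ctx, bio, p7p->pkcs7, si)` in the signer loop of the following hunk; freeing it there would be a use-after-free. As far as these hunks show it is never released at all: the `rb_raise` for missing signer info and the `return Qfalse` after a failed verification both leave the function with `bio` still allocated. Release it after the loop and before each early exit, and replace the open question with a comment stating that ownership. Also check that `OSSL_Warning("PKCS7::PKCS7.verify_data():")` still appends the OpenSSL error text that the removed `rb_warning(..., ossl_error())` printed; the macro is not visible here.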
@@ -168,7 +168,7 @@ ossl_rsa_s_new_from_pem(int argc, VALUE *argv, VALUE klass) /* * CB for yielding when generating RSA data */ -static void +static void MS_CALLBACK ossl_rsa_generate_cb(int p, int n, void *arg) { VALUE ary; @@ -136,7 +136,7 @@ ssl_false(VALUE dummy) return Qfalse; } -static int +static int MS_CALLBACK ssl_verify_callback(int ok, X509_STORE_CTX *ctx) { VALUE x509stc, args, ret; diff --git a/ossl_x509store.c b/ossl_x509store.c index 2b27104..fc36ce4 100644 --- a/ossl_x509store.c +++ b/ossl_x509store.c @@ -182,6 +182,9 @@ ossl_x509store_initialize(int argc, VALUE *argv, VALUE self) rb_raise(eX509StoreError, "%s", ossl_error()); } X509_STORE_set_verify_cb_func(store, ossl_x509store_verify_cb); + /* OpenSSL 0.9.6c + * X509_STORE_CTX_set_verify_cb(ctx, func); + */ X509_STORE_CTX_init(storep->store, store, NULL, NULL); /* |
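Review bot: The comment added in `ossl_x509store_initialize`, `/* OpenSSL 0.9.6c * X509_STORE_CTX_set_verify_cb(ctx, func); */`, does not say whether it is a reminder to switch APIs or a disabled alternative, and `ctx` and `func` are not names used in the surrounding lines. Since this is where the certificate verification callback is installed, the intent should be spelled out, for example `/* TODO: OpenSSL >= 0.9.6c offers X509_STORE_CTX_set_verify_cb(); decide whether to set the callback per context instead of per store */`. The function body extends beyond the hunk.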