author | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-06-04 06:44:42 +0000 |
---|---|---|
committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-06-04 06:44:42 +0000 |
commit | a5180750f7ab485fba73dd6e9861536adf3b693b (patch) | |
tree | cd2cea7862bed69939cb64d20346a3f975b5a9cc /lib | |
parent | bc603852659675cd0c7420dd4d126780f7ba6ee2 (diff) | |
Initial revision
Diffstat (limited to 'lib')
-rw-r--r-- | lib/net/https.rb | 18 | ||||
-rw-r--r-- | lib/net/protocols.rb | 18 | ||||
-rw-r--r-- | lib/net/telnets.rb | 15 | ||||
-rw-r--r-- | lib/openssl.rb | 335 | ||||
-rw-r--r-- | lib/openssl/bn.rb | 39 | ||||
-rw-r--r-- | lib/openssl/buffering.rb | 12 | ||||
-rw-r--r-- | lib/openssl/digest.rb | 42 | ||||
-rw-r--r-- | lib/openssl/pkey.rb | 123 | ||||
-rw-r--r-- | lib/openssl/ssl.rb | 42 | ||||
-rw-r--r-- | lib/openssl/x509.rb | 186 | ||||
-rw-r--r-- | lib/ssl.rb | 110 |
11 files changed, 493 insertions, 447 deletions
diff --git a/lib/net/https.rb b/lib/net/https.rb index 8ea304b..c8bf329 100644 --- a/lib/net/https.rb +++ b/lib/net/https.rb @@ -1,16 +1,23 @@ =begin += $RCSfile$ -- SSL/TLS enhancement for Net::HTTP. -= https.rb -- SSL/TLS enhancement for Net::HTTP. - += Info + 'OpenSSL for Ruby 2' project Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) += Requirements This program requires Net 1.2.0 or higher version. You can get it from RAA or Ruby's CVS repository. - $IPR: https.rb,v 1.5 2001/07/15 22:24:05 gotoyuzo Exp $ - - 2001/11/06: Contiributed to Ruby/OpenSSL project. += Version $Id$ + + 2001/11/06: Contiributed to Ruby/OpenSSL project. == class Net::HTTP @@ -88,7 +95,6 @@ It can be replaced by follow one: : verify_depth=((|num|)) Sets the maximum depth for the certificate chain verification. - =end require 'net/protocols' diff --git a/lib/net/protocols.rb b/lib/net/protocols.rb index 72807e5..7cd634d 100644 --- a/lib/net/protocols.rb +++ b/lib/net/protocols.rb @@ -1,17 +1,23 @@ =begin += $RCSfile$ -- SSL/TLS enhancement for Net. -= protocols.rb -- SSL/TLS enhancement for Net. - += Info + 'OpenSSL for Ruby 2' project Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) += Requirements This program requires Net 1.2.0 or higher version. You can get it from RAA or Ruby's CVS repository. - $IPR: protocols.rb,v 1.1 2001/06/17 14:30:22 gotoyuzo Exp $ - - 2001/11/06: Contiributed to Ruby/OpenSSL project. += Version $Id$ - + + 2001/11/06: Contiributed to Ruby/OpenSSL project. =end require 'net/protocol' diff --git a/lib/net/telnets.rb b/lib/net/telnets.rb index d66815a..c7ecbd7 100644 --- a/lib/net/telnets.rb +++ b/lib/net/telnets.rb 
@@ -1,13 +1,19 @@ =begin += $RCSfile$ -- SSL/TLS enhancement for Net::Telnet. -= telnets.rb -- SSL/TLS enhancement for Net::Telnet. - += Info + 'OpenSSL for Ruby 2' project Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org> + All rights reserved. - $IPR: telnets.rb,v 1.5 2001/09/13 16:42:50 gotoyuzo Exp $ += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) - 2001/11/06: Contiributed to Ruby/OpenSSL project. += Version $Id$ + + 2001/11/06: Contiributed to Ruby/OpenSSL project. == class Net::Telnet @@ -45,7 +51,6 @@ Michal Rokos's OpenSSL module. }) This class is expected to be a superset of usual Net::Telnet. - =end require "net/telnet" diff --git a/lib/openssl.rb b/lib/openssl.rb index d182220..c3d4212 100644 --- a/lib/openssl.rb +++ b/lib/openssl.rb 
@@ -1,323 +1,24 @@ -#!/usr/bin/env ruby +=begin += $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions -require 'openssl.so' -require 'openssl/buffering' -require 'thread' - -module OpenSSL - module PKey -if defined? DSA - class DSA - def DSA::new(arg, pass=nil) - if arg.kind_of? Fixnum - DSA::generate(arg) {|p,n| - if block_given? then yield [p,n] end - } - else - DSA::new_from_pem(arg, pass) - end - end # DSA::new - # - # DSA::new_from_pem(PEM string, pass) is built-in - # DSA::new_from_fixnum(size) is an alias to DSA::generate(size) - # DSA::generate(size) is built-in; yields p,n - # - def sign(digest, data) - unless self.private? - raise OpenSSL::PKey::DSAError, "Cannot sign with public key!" - end - unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class})" - end - self.sign_digest digest.update(data.to_s).digest - end # sign - - def verify(digest, signature, data) - unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class})" - end - unless signature.class == String - raise TypeError, "Signature as String expected (got #{sign.class})" - end - self.verify_digest(digest.update(data.to_s).digest, signature) - end # verify - end # DSA -end #defined? DSA -if defined? RSA - class RSA - def RSA::new(arg, pass=nil) - if arg.kind_of? Fixnum - RSA::generate(arg) {|p,n| - if block_given? then yield [p,n] end - } - else - RSA::new_from_pem(arg, pass) - end - end # RSA::new - # - # RSA::new_from_pem(PEM string, pass) is built-in - # RSA::new_from_fixnum(size) is an alias to RSA::generate(size) - # RSA::generate(size) is built-in; yields p,n - # - def sign(digest, data) - unless self.private? - raise OpenSSL::PKey::RSAError, "Cannot sign with public key!" - end - unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! 
(got #{digest.class})" - end - self.private_encrypt digest.update(data.to_s).digest - end # sign - - def verify(digest, signature, data) - unless digest.kind_of? OpenSSL::Digest::ANY - raise TypeError, "digest alg needed! (got #{digest.class})" - end - unless signature.class == String - raise TypeError, "Signature as String expected (got #{sign.class})" - end - md_s = self.public_decrypt signature - md_d = digest.update(data.to_s).digest - md_s == md_d - end # verify - end # RSA -end # defined? RSA -if defined? DH - class DH - def DH::new(arg, gen = 2) - if arg.kind_of? Fixnum - DH::generate(arg, gen) {|p,n| - if block_given? then yield [p,n] end - } - else - DH::new_from_pem(arg) - end - end # DH::new - # - # DH::new_from_pem(PEM string, pass) is built-in - # DH::new_from_fixnum(size, gen) is an alias to DH::generate(size, gen) - # DH::generate(size, gen) is built-in; yields p,n - # - end # DH -end # defined? DH - end # PKey - - module SSL - class SSLSocket - include Buffering - CallbackMutex = Mutex.new - - def connect - CallbackMutex.synchronize{ __connect } - end - - def accept - CallbackMutex.synchronize{ __accept } - end - end # SSLSocket - end # SSL - - module X509 - class Name - def Name::new(arg) - type = arg.class - while type - method = "new_from_#{type.name.downcase}".intern - return Name::send(method, arg) if Name::respond_to? method - type = type.superclass - end - raise TypeError, "Don't how to make new #{self} from #{arg.class}" - ###Name::send("new_from_#{arg.class.name.downcase}", arg) - end - # - # Name::new_from_hash(hash) is built-in method - # - def Name::new_from_string(str) # we're expecting string like "/A=B/C=D/E=F" - hash = Hash::new - key = val = nil # speed optim. - ary = str.split("/") - ary.shift # first item is "" - so skip it - ary.each {|item| - key, val = item.split("=") - hash[key] = val - } - Name::new_from_hash(hash) - ###ary.collect! 
{|item| item.split("=") } - ###Name::new_from_array(ary) - end - - def Name::new_from_array(ary) # [["A","B"],["C","D"],["E","F"]] - hash = Hash::new - ary.each {|key, val| - hash[key] = val - } - Name::new_from_hash(hash) - end - # - # to_h is built-in method - # - def to_s # "/A=B/C=D/E=F" - hash = self.to_h - str = "" - hash.keys.each do |key| - str += "/" + key + "=" + hash[key] - end - str - end - - def to_a # [["A","B"],["C","D"],["E","F"]] - self.to_h.to_a - end - end # Name - - class ExtensionFactory - def create_extension(*arg) - if arg.size == 1 then arg = arg[0] end - type = arg.class - while type - method = "create_ext_from_#{type.name.downcase}".intern - return send(method, arg) if respond_to? method - type = type.superclass - end - raise TypeError, "Don't how to create ext from #{arg.class}" - ###send("create_ext_from_#{arg.class.name.downcase}", arg) - end - # - # create_ext_from_array is built-in - # - def create_ext_from_string(str) # "oid = critical, value" - unless str =~ /\s*=\s*/ - raise ArgumentError, "string in format \"oid = value\" expected" - end - ary = [] - ary << $`.sub(/^\s*/,"") # delete whitespaces from the beginning - rest = $'.sub(/\s*$/,"") # delete them from the end - if rest =~ /^critical,\s*/ # handle 'critical' option - ary << $' - ary << true - else - ary << rest - end - create_ext_from_array(ary) - end - - def create_ext_from_hash(hash) # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false} - unless (hash.has_key? "oid" and hash.has_key? "value") - raise ArgumentError, "hash in format {\"oid\"=>..., \"value\"=>...} expected" - end - ary = [] - ary << hash["oid"] - ary << hash["value"] - ary << hash["critical"] if hash.has_key? "critical" - create_ext_from_array(ary) - end - end # ExtensionFactory - - class Extension - # note: Extension.new is UNDEFed! 
- use ExtensionFactory.create_extension - # - # to_a is built-in - # - def to_s # "oid = critical, value" - ary = self.to_a - str = ary[0] + " = " - str += "critical, " if ary[2] == true - str += ary[1] - end - - def to_h # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false} - ary = self.to_a - {"oid"=>ary[0],"value"=>ary[1],"critical"=>ary[2]} - end - - def oid - self.to_a[0] - end - - def value - self.to_a[1] - end - - def critical? - self.to_a[2] - end - end # Extension - - class Attribute - def Attribute::new(arg) - type = arg.class - while type - method = "new_from_#{type.name.downcase}".intern - return Attribute::send(method, arg) if Attribute::respond_to? method - type = type.superclass - end - raise "Don't how to make new #{self} from #{arg.class}" - ###Attribute::send("new_from_#{arg.class.name.downcase}", arg) - end - # - # Attribute::new_from_array(ary) is built-in method - # - def Attribute::new_from_string(str) # "oid = value" - unless str =~ /\s*=\s*/ - raise ArgumentError, "string in format \"oid = value\" expected" - end - ary = [] - ary << $`.sub(/^\s*/,"") # delete whitespaces from the beginning - ary << $'.sub(/\s*$/,"") # delete them from the end - Attribute::new_from_array(ary) - end += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> + All rights reserved. - def Attribute::new_from_hash(hash) # {"oid"=>"...", "value"=>"..."} - unless (hash.has_key? "oid" and hash.has_key? "value") - raise ArgumentError, "hash in format {\"oid\"=>..., \"value\"=>...} expected" - end - ary = [] - ary << hash["oid"] - ary << hash["value"] - Attribute::new_from_array(ary) - end - end # Attribute - end # X509 += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) - class BN - def initialize(arg=nil, type="dec") - return if arg.nil? 
- t = arg.class - while t - method = "from_#{t.name.downcase.split("::").last}".intern - return send(method, arg, type) if respond_to?(method, true) - t = t.superclass - end - raise "Don't how to init #{self.class.name} from #{arg.class}" - end += Version + $Id$ +=end - def from_bn(arg, dummy=nil) - copy(arg) - end - - def from_integer(arg, type="dec") - from_string(arg.to_s, type) - end - - def from_string(arg, type="dec") - send("from_s_#{type.downcase}", arg) - end - - private :from_bn, :from_integer, :from_string - - def to_s(type="dec") - send("to_s_#{type.downcase}") - end - - def to_i - self.to_s.to_i - end - end # BN -end # OpenSSL +require 'openssl.so' -class Integer - def to_bn - OpenSSL::BN::new(self) - end -end # Integer +require 'openssl/bn' +require 'openssl/digest' +require 'openssl/pkey' +require 'openssl/ssl' +require 'openssl/x509' diff --git a/lib/openssl/bn.rb b/lib/openssl/bn.rb new file mode 100644 index 0000000..f2ea761 --- /dev/null +++ b/lib/openssl/bn.rb @@ -0,0 +1,39 @@ +=begin += $RCSfile$ -- Ruby-space definitions that completes C-space funcs for BN + += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) + += Version + $Id$ +=end + +## +# Should we care what if somebody require this file directly? +#require 'openssl' + +module OpenSSL + +class BN + def to_i + to_s.to_i + end +end # BN + +end # OpenSSL + +## +# Add double dispatch to Integer +# +class Integer + def to_bn + OpenSSL::BN::new(self) + end +end # Integer + diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb index 5832025..a490772 100644 --- a/lib/openssl/buffering.rb +++ b/lib/openssl/buffering.rb 
@@ -1,11 +1,17 @@ =begin += $RCSfile$ -- Buffering mix-in module. -= buffering.rb -- Buffering mix-in module. - += Info + 'OpenSSL for Ruby 2' project Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org> + All rights reserved. - $IPR: buffering.rb,v 1.13 2001/09/13 16:42:49 gotoyuzo Exp $ += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) += Version + $Id$ =end module Buffering diff --git a/lib/openssl/digest.rb b/lib/openssl/digest.rb new file mode 100644 index 0000000..2cfb8a7 --- /dev/null +++ b/lib/openssl/digest.rb @@ -0,0 +1,42 @@ +=begin += $RCSfile$ -- Ruby-space predefined Digest subclasses + += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) + += Version + $Id$ +=end + +## +# Should we care what if somebody require this file directly? +#require 'openssl' + +module OpenSSL +module Digest + +["DSS", "DSS1", "MD2", "MD4", "MD5", "MDC2", "RIPEMD160", "SHA", "SHA1"].each do |digest| + eval(<<-EOD) + class #{digest} < Digest + def initialize() + super(\"#{digest}\") + end + def #{digest}::digest(data) + super(\"#{digest}\", data) + end + def #{digest}::hexdigest(data) + super(\"#{digest}\", data) + end + end + EOD +end + +end # Digest +end # OpenSSL + diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb new file mode 100644 index 0000000..f05878b --- /dev/null +++ b/lib/openssl/pkey.rb 
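Review bot: The digest subclasses in lib/openssl/digest.rb are generated with `eval` on an interpolated heredoc, and nothing in the file says where the names may come from. The list is a fixed literal here, so nothing untrusted reaches `eval`, but that invariant deserves a line above the loop, for example `# Names are interpolated into eval'd source: keep this a literal list, never external input`. The list also defines MD2, MD4 and MD5 on the same footing as SHA1 with no hint that they are unsuitable for signatures; a short comment marking them as legacy-only would help callers choose.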
@@ -0,0 +1,123 @@ +=begin += $RCSfile$ -- Ruby-space definitions that completes C-space funcs for PKey and subclasses + += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) + += Version + $Id$ +=end + +## +# Should we care what if somebody require this file directly? +#require 'openssl' + +module OpenSSL +module PKey + +if defined? DSA + class DSA + def DSA::new(arg, pass=nil) + if arg.kind_of? Fixnum + DSA::generate(arg) {|p,n| + if block_given? then yield [p,n] end + } + else + DSA::new_from_pem(arg, pass) + end + end # DSA::new + # + # DSA::new_from_pem(PEM string, pass) is built-in + # DSA::new_from_fixnum(size) is an alias to DSA::generate(size) + # DSA::generate(size) is built-in; yields p,n + # + def sign(digest, data) + unless private? + raise OpenSSL::PKey::DSAError, "Cannot sign with public key!" + end + unless digest.kind_of? OpenSSL::Digest::ANY + raise TypeError, "digest alg needed! (got #{digest.class})" + end + sign_digest digest.update(data.to_s).digest + end # sign + + def verify(digest, signature, data) + unless digest.kind_of? OpenSSL::Digest::ANY + raise TypeError, "digest alg needed! (got #{digest.class})" + end + unless signature.class == String + raise TypeError, "Signature as String expected (got #{sign.class})" + end + verify_digest(digest.update(data.to_s).digest, signature) + end # verify + end # DSA +end #defined? DSA + +if defined? RSA + class RSA + def RSA::new(arg, pass=nil) + if arg.kind_of? Fixnum + RSA::generate(arg) {|p,n| + if block_given? then yield [p,n] end + } + else + RSA::new_from_pem(arg, pass) + end + end # RSA::new + # + # RSA::new_from_pem(PEM string, pass) is built-in + # RSA::new_from_fixnum(size) is an alias to RSA::generate(size) + # RSA::generate(size) is built-in; yields p,n + # + def sign(digest, data) + unless self.private? 
+ raise OpenSSL::PKey::RSAError, "Cannot sign with public key!" + end + unless digest.kind_of? OpenSSL::Digest::ANY + raise TypeError, "digest alg needed! (got #{digest.class})" + end + private_encrypt digest.update(data.to_s).digest + end # sign + + def verify(digest, signature, data) + unless digest.kind_of? OpenSSL::Digest::ANY + raise TypeError, "digest alg needed! (got #{digest.class})" + end + unless signature.class == String + raise TypeError, "Signature as String expected (got #{sign.class})" + end + md_s = self.public_decrypt signature + md_d = digest.update(data.to_s).digest + md_s == md_d + end # verify + end # RSA +end # defined? RSA + +if defined? DH + class DH + def DH::new(arg, gen = 2) + if arg.kind_of? Fixnum + DH::generate(arg, gen) {|p,n| + if block_given? then yield [p,n] end + } + else + DH::new_from_pem(arg) + end + end # DH::new + # + # DH::new_from_pem(PEM string, pass) is built-in + # DH::new_from_fixnum(size, gen) is an alias to DH::generate(size, gen) + # DH::generate(size, gen) is built-in; yields p,n + # + end # DH +end # defined? DH + +end # PKey +end # OpenSSL + diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb new file mode 100644 index 0000000..2ce8a67 --- /dev/null +++ b/lib/openssl/ssl.rb @@ -0,0 +1,42 @@ +=begin += $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL + += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) + += Version + $Id$ +=end + +## +# Should we care what if somebody require this file directly? +#require 'openssl' + +require 'openssl/buffering' +require 'thread' + +module OpenSSL +module SSL + +class SSLSocket + include Buffering + CallbackMutex = Mutex.new + + def connect + CallbackMutex.synchronize{ __connect } + end + + def accept + CallbackMutex.synchronize{ __accept } + end +end # SSLSocket + +end # SSL +end # OpenSSL + 
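Review bot: In lib/openssl/pkey.rb, both `DSA#verify` and `RSA#verify` interpolate `sign.class` in the TypeError message, which invokes the two-argument `sign` method with no arguments, so a non-String signature surfaces as ArgumentError rather than the intended TypeError; the line should read `raise TypeError, "Signature as String expected (got #{signature.class})"`. `sign` and `verify` also call `digest.update(data.to_s)` on the caller's digest object, so an instance that already holds data, or that is reused for `sign` and then `verify`, hashes more than `data` and the check fails or covers unintended input. `RSA#sign` hands the bare digest to `private_encrypt`, so the signature apparently carries no digest-algorithm identifier (the padding is applied in C-space and is not visible here) and is unlikely to verify with standard PKCS#1 tooling.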
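Review bot: `CallbackMutex` in lib/openssl/ssl.rb is one process-wide lock held for the whole of `__connect` and `__accept`, so handshakes are fully serialized; if those C-space calls block on the peer (not visible in this hunk), a single stalled client delays every other `connect`/`accept` in the process. The constant has no comment saying what it protects. I would add something like `# Serializes handshakes because the verify callback state is shared; held for the entire __connect/__accept call` (wording to be confirmed against the C extension) and have callers bound the handshake with a timeout.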
diff --git a/lib/openssl/x509.rb b/lib/openssl/x509.rb
new file mode 100644
index 0000000..f64774f
--- /dev/null
+++ b/lib/openssl/x509.rb
@@ -0,0 +1,186 @@ +=begin += $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses + += Info + 'OpenSSL for Ruby 2' project + Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> + All rights reserved. + += Licence + This program is licenced under the same licence as Ruby. + (See the file 'LICENCE'.) + += Version + $Id$ +=end + +## +# Should we care what if somebody require this file directly? +#require 'openssl' + +module OpenSSL +module X509 + +class Name + def Name::new(arg) + type = arg.class + while type + method = "new_from_#{type.name.downcase}".intern + return Name::send(method, arg) if Name::respond_to? method + type = type.superclass + end + raise TypeError, "Don't how to make new #{self} from #{arg.class}" + ###Name::send("new_from_#{arg.class.name.downcase}", arg) + end + # + # Name::new_from_hash(hash) is built-in method + # + def Name::new_from_string(str) # we're expecting string like "/A=B/C=D/E=F" + hash = Hash::new + key = val = nil # speed optim. + ary = str.split("/") + ary.shift # first item is "" - so skip it + ary.each {|item| + key, val = item.split("=") + hash[key] = val + } + Name::new_from_hash(hash) + ###ary.collect! {|item| item.split("=") } + ###Name::new_from_array(ary) + end + + def Name::new_from_array(ary) # [["A","B"],["C","D"],["E","F"]] + hash = Hash::new + ary.each {|key, val| + hash[key] = val + } + Name::new_from_hash(hash) + end + # + # to_h is built-in method + # + def to_s # "/A=B/C=D/E=F" + hash = self.to_h + str = "" + hash.keys.each do |key| + str += "/" + key + "=" + hash[key] + end + str + end + + def to_a # [["A","B"],["C","D"],["E","F"]] + to_h.to_a + end +end # Name + +class ExtensionFactory + def create_extension(*arg) + if arg.size == 1 then arg = arg[0] end + type = arg.class + while type + method = "create_ext_from_#{type.name.downcase}".intern + return send(method, arg) if respond_to? 
method + type = type.superclass + end + raise TypeError, "Don't how to create ext from #{arg.class}" + ###send("create_ext_from_#{arg.class.name.downcase}", arg) + end + # + # create_ext_from_array is built-in + # + def create_ext_from_string(str) # "oid = critical, value" + unless str =~ /\s*=\s*/ + raise ArgumentError, "string in format \"oid = value\" expected" + end + ary = [] + ary << $`.sub(/^\s*/,"") # delete whitespaces from the beginning + rest = $'.sub(/\s*$/,"") # delete them from the end + if rest =~ /^critical,\s*/ # handle 'critical' option + ary << $' + ary << true + else + ary << rest + end + create_ext_from_array(ary) + end + + def create_ext_from_hash(hash) # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false} + unless (hash.has_key? "oid" and hash.has_key? "value") + raise ArgumentError, "hash in format {\"oid\"=>..., \"value\"=>...} expected" + end + ary = [] + ary << hash["oid"] + ary << hash["value"] + ary << hash["critical"] if hash.has_key? "critical" + create_ext_from_array(ary) + end +end # ExtensionFactory + +class Extension + # note: Extension.new is UNDEFed! - use ExtensionFactory.create_extension + # + # to_a is built-in + # + def to_s # "oid = critical, value" + ary = self.to_a + str = ary[0] + " = " + str += "critical, " if ary[2] == true + str += ary[1] + end + + def to_h # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false} + ary = self.to_a + {"oid"=>ary[0],"value"=>ary[1],"critical"=>ary[2]} + end + + def oid + self.to_a[0] + end + + def value + self.to_a[1] + end + + def critical? + self.to_a[2] + end +end # Extension + +class Attribute + def Attribute::new(arg) + type = arg.class + while type + method = "new_from_#{type.name.downcase}".intern + return Attribute::send(method, arg) if Attribute::respond_to? 
method + type = type.superclass + end + raise "Don't how to make new #{self} from #{arg.class}" + ###Attribute::send("new_from_#{arg.class.name.downcase}", arg) + end + # + # Attribute::new_from_array(ary) is built-in method + # + def Attribute::new_from_string(str) # "oid = value" + unless str =~ /\s*=\s*/ + raise ArgumentError, "string in format \"oid = value\" expected" + end + ary = [] + ary << $`.sub(/^\s*/,"") # delete whitespaces from the beginning + ary << $'.sub(/\s*$/,"") # delete them from the end + Attribute::new_from_array(ary) + end + + def Attribute::new_from_hash(hash) # {"oid"=>"...", "value"=>"..."} + unless (hash.has_key? "oid" and hash.has_key? "value") + raise ArgumentError, "hash in format {\"oid\"=>..., \"value\"=>...} expected" + end + ary = [] + ary << hash["oid"] + ary << hash["value"] + Attribute::new_from_array(ary) + end +end # Attribute + +end # X509 +end # OpenSSL + diff --git a/lib/ssl.rb b/lib/ssl.rb deleted file mode 100644 index 6da79a7..0000000 --- a/lib/ssl.rb +++ /dev/null 
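Review bot: `Name::new_from_string` and `Name::new_from_array` in lib/openssl/x509.rb funnel every component through a Hash keyed by attribute type, so a name with a repeated type (two OU entries, say) silently keeps only the last value, and `item.split("=")` discards everything after a second `=` in a value; `key, val = item.split("=", 2)` fixes the latter, while the former needs an array-of-pairs path into the C-space constructor. A value containing `/` is also split into separate components. In `create_ext_from_string` the patterns use `^` and `$`, which match at every line boundary, so `/^critical,\s*/` can match inside a multi-line value and drop the text before it; `\A` and `\z` anchor to the whole string. `Attribute::new` raises a bare RuntimeError where `Name::new` raises TypeError for the same condition.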
@@ -1,110 +0,0 @@ -=begin - - ssl.rb -- to support migrations from SSLSocket. - - Copyright (C) 2001-2002 GOTOU Yuuzou <gotoyuzo@notowrk.org> - - This program is licenced under the same licence as Ruby. - (See the file 'LICENCE'.) - -=end - -require 'openssl' - -$stderr.puts "Warning: `ssl.rb' is obsolete. please use `openssl.rb'" - -module SSL - include OpenSSL::SSL - VERSION = ::OpenSSL::VERSION - OPENSSL_VERSION = ::OpenSSL::OPENSSL_VERSION - - X509_STORE_CTX = ::OpenSSL::X509::Store - class X509_STORE_CTX - alias error_message verify_message - alias error verify_status - alias current_cert cert - alias error_depth verify_depth - end - - X509 = ::OpenSSL::X509::Certificate - class X509 - alias serialNumber serial - alias inspect to_pem - def notBefore; not_before.to_s; end - def notAfter; not_after.to_s; end - - def sigAlgor - # sorry, not support on Ruby/OpenSSL - "" - end - - def key_type - case public_key - when ::OpenSSL::PKey::RSA - "rsaEncryption" - when ::OpenSSL::PKey::DSA - "dsaEncryption" - else - "unknown" - end - end - - alias __initialize initialize - def initialize(arg) - if arg.is_a?(String) - arg = open(arg){|io| io.read } - end - __initialize(arg) - end - - alias __verify verify - def verify(arg) - case arg - when String; arg = type.new(arg).public_key - when type; arg = arg.public_key - end - __verify arg - end - - def extension - extensions.collect{|ext| ext.to_a } - end - - %w( UNABLE_TO_GET_ISSUER_CERT - UNABLE_TO_GET_CRL - UNABLE_TO_DECRYPT_CERT_SIGNATURE - UNABLE_TO_DECRYPT_CRL_SIGNATURE - UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY - CERT_SIGNATURE_FAILURE - CRL_SIGNATURE_FAILURE - CERT_NOT_YET_VALID - CERT_HAS_EXPIRED - CRL_NOT_YET_VALID - CRL_HAS_EXPIRED - ERROR_IN_CERT_NOT_BEFORE_FIELD - ERROR_IN_CERT_NOT_AFTER_FIELD - ERROR_IN_CRL_LAST_UPDATE_FIELD - ERROR_IN_CRL_NEXT_UPDATE_FIELD - OUT_OF_MEM - DEPTH_ZERO_SELF_SIGNED_CERT - SELF_SIGNED_CERT_IN_CHAIN - UNABLE_TO_GET_ISSUER_CERT_LOCALLY - UNABLE_TO_VERIFY_LEAF_SIGNATURE - CERT_CHAIN_TOO_LONG - 
CERT_REVOKED - INVALID_CA - PATH_LENGTH_EXCEEDED - INVALID_PURPOSE - CERT_UNTRUSTED - CERT_REJECTED - SUBJECT_ISSUER_MISMATCH - AKID_SKID_MISMATCH - AKID_ISSUER_SERIAL_MISMATCH - KEYUSAGE_NO_CERTSIGN - APPLICATION_VERIFICATION - ).each{|name| - eval("#{name} = ::OpenSSL::X509::Store::#{name}") - } - end - -end |