diff options
author | Michal Rokos <m.rokos@sh.cvut.cz> | 2001-11-16 11:20:13 +0000 |
---|---|---|
committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2001-11-16 11:20:13 +0000 |
commit | 8903e757c052d3a99aada758bb628ec135360e60 (patch) | |
tree | 5f0e99803c1fc5c6909fd7d325d0f279265b97cf /ossl_ns_spki.c | |
download | ruby-openssl-history-8903e757c052d3a99aada758bb628ec135360e60.tar.gz |
Initial revision
Diffstat (limited to 'ossl_ns_spki.c')
-rw-r--r-- | ossl_ns_spki.c | 256 |
1 files changed, 256 insertions, 0 deletions
diff --git a/ossl_ns_spki.c b/ossl_ns_spki.c new file mode 100644 index 0000000..3c43774 --- /dev/null +++ b/ossl_ns_spki.c @@ -0,0 +1,256 @@ +/* + * $Id$ + * 'OpenSSL for Ruby' project + * Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz> + * All rights reserved. + */ +/* + * This program is licenced under the same licence as Ruby. + * (See the file 'LICENCE'.) + */ +#include "ossl.h" + +#define MakeSPKI(obj, spkip) {\ + obj = Data_Make_Struct(cSPKI, ossl_spki, 0, ossl_spki_free, spkip);\ +} + +#define GetSPKI(obj, spkip) {\ + Data_Get_Struct(obj, ossl_spki, spkip);\ +} + +/* + * Classes + */ +VALUE cSPKI; +VALUE eSPKIError; + +/* + * Struct + */ +typedef struct ossl_spki_st { + NETSCAPE_SPKI *spki; +} ossl_spki; + +static void ossl_spki_free(ossl_spki *spkip) +{ + if(spkip) { + if(spkip->spki) NETSCAPE_SPKI_free(spkip->spki); + free(spkip); + } +} + +/* + * Public functions + */ + +/* + * Private functions + */ +static VALUE ossl_spki_s_new(int argc, VALUE *argv, VALUE klass) +{ + ossl_spki *spkip = NULL; + VALUE obj; + + MakeSPKI(obj, spkip); + rb_obj_call_init(obj, argc, argv); + + return obj; +} + +static VALUE ossl_spki_initialize(int argc, VALUE *argv, VALUE self) +{ + ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; + VALUE buffer; + + GetSPKI(self, spkip); + + rb_scan_args(argc, argv, "01", &buffer); + + if (NIL_P(buffer)) { + if (!(spki = NETSCAPE_SPKI_new())) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + } else switch (TYPE(buffer)) { + case T_STRING: + Check_SafeStr(buffer); + if (!(spki = NETSCAPE_SPKI_b64_decode(RSTRING(buffer)->ptr, -1))) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + break; + default: + rb_raise(rb_eTypeError, "unsupported type"); + } + spkip->spki = spki; + + return self; +} + +static VALUE ossl_spki_to_pem(VALUE self) +{ + ossl_spki *spkip = NULL; + char *data = NULL; + VALUE str; + + GetSPKI(self, spkip); + + if (!(data = NETSCAPE_SPKI_b64_encode(spkip->spki))) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + + return rb_str_new2(data); +} + +static VALUE ossl_spki_to_str(VALUE self) +{ + ossl_spki *spkip = NULL; + BIO *out = NULL; + BUF_MEM *buf = NULL; + VALUE str; + + GetSPKI(self, spkip); + + if (!(out = BIO_new(BIO_s_mem()))) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + if (!NETSCAPE_SPKI_print(out, spkip->spki)) { + BIO_free(out); + rb_raise(eSPKIError, "%s", ossl_error()); + } + BIO_get_mem_ptr(out, &buf); + str = rb_str_new(buf->data, buf->length); + BIO_free(out); + + return str; +} + +static VALUE ossl_spki_get_public_key(VALUE self) +{ + ossl_spki *spkip = NULL; + EVP_PKEY *pkey = NULL; + VALUE pub_key; + + GetSPKI(self, spkip); + + if (!(pkey = NETSCAPE_SPKI_get_pubkey(spkip->spki))) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + pub_key = ossl_pkey_new(pkey); + + return pub_key; +} + +static VALUE ossl_spki_set_public_key(VALUE self, VALUE pubk) +{ + ossl_spki *spkip = NULL; + EVP_PKEY *pkey = NULL; + + GetSPKI(self, spkip); + OSSL_Check_Type(pubk, cPKey); + + pkey = ossl_pkey_get_EVP_PKEY(pubk); + + if (!NETSCAPE_SPKI_set_pubkey(spkip->spki, pkey)) { + EVP_PKEY_free(pkey); + rb_raise(eSPKIError, "%s", ossl_error()); + } + + return self; +} + +static VALUE ossl_spki_get_challenge(VALUE self) +{ + ossl_spki *spkip = NULL; + VALUE str; + + GetSPKI(self, spkip); + + if (spkip->spki->spkac->challenge->length > 0) + return rb_str_new(spkip->spki->spkac->challenge->data, spkip->spki->spkac->challenge->length); + + return rb_str_new2(""); +} + +static VALUE ossl_spki_set_challenge(VALUE self, VALUE str) +{ + ossl_spki *spkip = NULL; + + GetSPKI(self, spkip); + Check_SafeStr(str); + + if (!ASN1_STRING_set(spkip->spki->spkac->challenge, RSTRING(str)->ptr, RSTRING(str)->len)) { + rb_raise(eSPKIError, "%s", ossl_error()); + } + + return str; +} + +static VALUE ossl_spki_sign(VALUE self, VALUE key, VALUE digest) +{ + ossl_spki *spkip = NULL; + EVP_PKEY *pkey = NULL; + const EVP_MD *md = NULL; + + GetSPKI(self, spkip); + OSSL_Check_Type(key, cPKey); + OSSL_Check_Type(digest, cDigest); + + if (rb_funcall(key, rb_intern("private?"), 0, NULL) == Qfalse) { + rb_raise(eSPKIError, "PRIVATE key needed to sign REQ!"); + } + + pkey = ossl_pkey_get_EVP_PKEY(key); + md = ossl_digest_get_EVP_MD(digest); + + if (!NETSCAPE_SPKI_sign(spkip->spki, pkey, md)) { + EVP_PKEY_free(pkey); + rb_raise(eSPKIError, "%s", ossl_error()); + } + + return self; +} + +/* + * Checks that cert signature is made with PRIVversion of this PUBLIC 'key' + */ +static VALUE ossl_spki_verify(VALUE self, VALUE key) +{ + ossl_spki *spkip = NULL; + EVP_PKEY *pkey = NULL; + int i = 0; + + GetSPKI(self, spkip); + OSSL_Check_Type(key, cPKey); + + pkey = ossl_pkey_get_EVP_PKEY(key); + + i = NETSCAPE_SPKI_verify(spkip->spki, pkey); + + if (i < 0) { + rb_raise(eSPKIError, "%s", ossl_error()); + } else if (i > 0) + return Qtrue; + + return Qfalse; +} + +/* + * NETSCAPE_SPKI init + */ +void Init_ossl_spki(VALUE mNetscape) +{ + eSPKIError = rb_define_class_under(mNetscape, "SPKIError", rb_eStandardError); + + cSPKI = rb_define_class_under(mNetscape, "SPKI", rb_cObject); + rb_define_singleton_method(cSPKI, "new", ossl_spki_s_new, -1); + rb_define_method(cSPKI, "initialize", ossl_spki_initialize, -1); + rb_define_method(cSPKI, "to_pem", ossl_spki_to_pem, 0); + rb_define_method(cSPKI, "to_str", ossl_spki_to_str, 0); + rb_define_method(cSPKI, "public_key", ossl_spki_get_public_key, 0); + rb_define_method(cSPKI, "public_key=", ossl_spki_set_public_key, 1); + rb_define_method(cSPKI, "sign", ossl_spki_sign, 2); + rb_define_method(cSPKI, "verify", ossl_spki_verify, 1); + rb_define_method(cSPKI, "challenge", ossl_spki_get_challenge, 0); + rb_define_method(cSPKI, "challenge=", ossl_spki_set_challenge, 1); +} + |