diff options
author | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-03-11 17:20:04 +0000 |
---|---|---|
committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-03-11 17:20:04 +0000 |
commit | 7ed17afc8c327bc88d1510255d284487d06f226c (patch) | |
tree | 52aa2aed34535a040ba155fef373e4394449dd33 /ossl_x509.c | |
parent | 91e607a11b3862c0aa966712149b2afd2a00d90d (diff) | |
download | ruby-openssl-history-7ed17afc8c327bc88d1510255d284487d06f226c.tar.gz |
* Big internal cleanup (all structs with only 1 member rearranged)
* improved getting time_t from cTime
Diffstat (limited to 'ossl_x509.c')
-rw-r--r-- | ossl_x509.c | 277 |
1 files changed, 110 insertions, 167 deletions
diff --git a/ossl_x509.c b/ossl_x509.c index af97234..da1dc49 100644 --- a/ossl_x509.c +++ b/ossl_x509.c @@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509(obj, x509p) {\ - obj = Data_Make_Struct(cX509Certificate, ossl_x509, 0, ossl_x509_free, x509p);\ -} -#define GetX509_unsafe(obj, x509p) Data_Get_Struct(obj, ossl_x509, x509p) -#define GetX509(obj, x509p) {\ - GetX509_unsafe(obj, x509p);\ - if (!x509p->x509) rb_raise(eX509CertificateError, "not initialized!");\ -} +#define WrapX509(obj, x509) obj = Data_Wrap_Struct(cX509Certificate, 0, X509_free, x509) +#define GetX509(obj, x509) Data_Get_Struct(obj, X509, x509) /* * Classes @@ -26,29 +20,11 @@ VALUE cX509Certificate; VALUE eX509CertificateError; /* - * Struct - */ -typedef struct ossl_x509_st { - X509 *x509; -} ossl_x509; - -static void -ossl_x509_free(ossl_x509 *x509p) -{ - if (x509p) { - if(x509p->x509) X509_free(x509p->x509); - x509p->x509 = NULL; - free(x509p); - } -} - -/* - * public functions + * Public */ VALUE ossl_x509_new(X509 *x509) { - ossl_x509 *x509p = NULL; X509 *new = NULL; VALUE obj; @@ -59,8 +35,7 @@ ossl_x509_new(X509 *x509) if (!new) OSSL_Raise(eX509CertificateError, ""); - MakeX509(obj, x509p); - x509p->x509 = new; + WrapX509(obj, new); return obj; } @@ -68,26 +43,26 @@ ossl_x509_new(X509 *x509) VALUE ossl_x509_new_from_file(VALUE filename) { + X509 *x509 = NULL; char *path; FILE *fp; - X509 *cert; - ossl_x509 *x509p = NULL; VALUE obj; + filename = rb_str_to_str(filename); Check_SafeStr(filename); + path = RSTRING(filename)->ptr; - if ((fp = fopen(path, "r")) == NULL) + if (!(fp = fopen(path, "r"))) rb_raise(eX509CertificateError, "%s", strerror(errno)); - cert = PEM_read_X509(fp, NULL, NULL, NULL); + x509 = PEM_read_X509(fp, NULL, NULL, NULL); fclose(fp); - if (!cert) + if (!x509) OSSL_Raise(eX509CertificateError, ""); - MakeX509(obj, x509p); - x509p->x509 = cert; + WrapX509(obj, x509); return obj; } @@ -95,29 +70,27 @@ ossl_x509_new_from_file(VALUE filename) X509 * ossl_x509_get_X509(VALUE obj) { - ossl_x509 *x509p = NULL; - X509 *x509 = NULL; + X509 *x509 = NULL, *new; OSSL_Check_Type(obj, cX509Certificate); - GetX509(obj, x509p); - if (!(x509 = X509_dup(x509p->x509))) { + GetX509(obj, x509); + + if (!(new = X509_dup(x509))) { OSSL_Raise(eX509CertificateError, ""); } - - return x509; + return new; } /* - * private functions + * Private */ static VALUE ossl_x509_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_x509 *x509p = NULL; VALUE obj; - MakeX509(obj, x509p); + obj = ossl_x509_new(NULL); rb_obj_call_init(obj, argc, argv); @@ -127,50 +100,40 @@ ossl_x509_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_x509_initialize(int argc, VALUE *argv, VALUE self) { - ossl_x509 *x509p = NULL; - X509 *x509 = NULL; BIO *in = NULL; VALUE buffer; - - GetX509_unsafe(self, x509p); - rb_scan_args(argc, argv, "01", &buffer); - - switch (TYPE(buffer)) { - case T_NIL: - x509 = X509_new(); - break; - default: - buffer = rb_String(buffer); - if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, RSTRING(buffer)->len))) { - OSSL_Raise(eX509CertificateError, ""); - } - x509 = PEM_read_bio_X509(in, NULL, NULL, NULL); - BIO_free(in); - } + if (argc == 0) + return self; - if (!x509) + buffer = rb_String(argv[0]); + + if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, RSTRING(buffer)->len))) { + OSSL_Raise(eX509CertificateError, ""); + } + if (!PEM_read_bio_X509(in, (X509 **)&DATA_PTR(self), NULL, NULL)) { + BIO_free(in); OSSL_Raise(eX509CertificateError, ""); + } + BIO_free(in); - x509p->x509 = x509; - return self; } static VALUE ossl_x509_to_der(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!i2d_X509_bio(out, x509p->x509)) { + if (!i2d_X509_bio(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } @@ -184,17 +147,17 @@ ossl_x509_to_der(VALUE self) static VALUE ossl_x509_to_pem(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!PEM_write_bio_X509(out, x509p->x509)) { + if (!PEM_write_bio_X509(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } @@ -208,17 +171,17 @@ ossl_x509_to_pem(VALUE self) static VALUE ossl_x509_to_text(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!X509_print(out, x509p->x509)) { + if (!X509_print(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } @@ -235,12 +198,12 @@ ossl_x509_to_text(VALUE self) static VALUE ossl_x509_to_req(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_REQ *req = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(req = X509_to_X509_REQ(x509p->x509, NULL, EVP_md5()))) { + if (!(req = X509_to_X509_REQ(x509, NULL, EVP_md5()))) { OSSL_Raise(eX509CertificateError, ""); } @@ -251,12 +214,12 @@ ossl_x509_to_req(VALUE self) static VALUE ossl_x509_get_version(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; long version = 0; - GetX509(self, x509p); + GetX509(self, x509); - version = X509_get_version(x509p->x509); + version = X509_get_version(x509); return INT2NUM(version+1); } @@ -264,15 +227,15 @@ ossl_x509_get_version(VALUE self) static VALUE ossl_x509_set_version(VALUE self, VALUE version) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; long ver = 0; - GetX509(self, x509p); + GetX509(self, x509); if ((ver = FIX2LONG(version)) <= 0) { rb_raise(eX509CertificateError, "version must be > 0!"); } - if (!X509_set_version(x509p->x509, ver-1)) { + if (!X509_set_version(x509, ver-1)) { OSSL_Raise(eX509CertificateError, ""); } @@ -282,13 +245,13 @@ ossl_x509_set_version(VALUE self, VALUE version) static VALUE ossl_x509_get_serial(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_INTEGER *asn1int = NULL; long serial = 0; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1int = X509_get_serialNumber(x509p->x509))) { /* NO DUP - don't free */ + if (!(asn1int = X509_get_serialNumber(x509))) { /* NO DUP - don't free */ OSSL_Raise(eX509CertificateError, ""); } serial = ASN1_INTEGER_get(asn1int); @@ -299,10 +262,10 @@ ossl_x509_get_serial(VALUE self) static VALUE ossl_x509_set_serial(VALUE self, VALUE serial) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_INTEGER *asn1int = NULL; - GetX509(self, x509p); + GetX509(self, x509); if (!(asn1int = ASN1_INTEGER_new())) { OSSL_Raise(eX509CertificateError, ""); @@ -311,7 +274,7 @@ ossl_x509_set_serial(VALUE self, VALUE serial) ASN1_INTEGER_free(asn1int); OSSL_Raise(eX509CertificateError, ""); } - if (!X509_set_serialNumber(x509p->x509, asn1int)) { /* DUPs asn1int - FREE it */ + if (!X509_set_serialNumber(x509, asn1int)) { /* DUPs asn1int - FREE it */ ASN1_INTEGER_free(asn1int); OSSL_Raise(eX509CertificateError, ""); } @@ -323,12 +286,12 @@ ossl_x509_set_serial(VALUE self, VALUE serial) static VALUE ossl_x509_get_subject(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(name = X509_get_subject_name(x509p->x509))) { /* NO DUP - don't free! */ + if (!(name = X509_get_subject_name(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -338,15 +301,14 @@ ossl_x509_get_subject(VALUE self) static VALUE ossl_x509_set_subject(VALUE self, VALUE subject) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(subject, cX509Name); name = ossl_x509name_get_X509_NAME(subject); - if (!X509_set_subject_name(x509p->x509, name)) { /* DUPs name - FREE it */ + if (!X509_set_subject_name(x509, name)) { /* DUPs name - FREE it */ X509_NAME_free(name); OSSL_Raise(eX509CertificateError, ""); } @@ -358,12 +320,12 @@ ossl_x509_set_subject(VALUE self, VALUE subject) static VALUE ossl_x509_get_issuer(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if(!(name = X509_get_issuer_name(x509p->x509))) { /* NO DUP - don't free! */ + if(!(name = X509_get_issuer_name(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -373,15 +335,14 @@ ossl_x509_get_issuer(VALUE self) static VALUE ossl_x509_set_issuer(VALUE self, VALUE issuer) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(issuer, cX509Name); name = ossl_x509name_get_X509_NAME(issuer); - if (!X509_set_issuer_name(x509p->x509, name)) { /* DUPs name - FREE it */ + if (!X509_set_issuer_name(x509, name)) { /* DUPs name - FREE it */ X509_NAME_free(name); OSSL_Raise(eX509CertificateError, ""); } @@ -393,12 +354,12 @@ ossl_x509_set_issuer(VALUE self, VALUE issuer) static VALUE ossl_x509_get_not_before(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_UTCTIME *asn1time = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1time = X509_get_notBefore(x509p->x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get_notBefore(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -408,22 +369,14 @@ ossl_x509_get_not_before(VALUE self) static VALUE ossl_x509_set_not_before(VALUE self, VALUE time) { - ossl_x509 *x509p = NULL; - int intsec = -1; - VALUE sec; + X509 *x509 = NULL; + time_t sec; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) { - rb_raise(eX509CertificateError, "wierd time"); - } - if ((intsec = FIX2INT(sec)) < 0) { - rb_raise(eX509CertificateError, "time < 0???"); - } - if (!ASN1_UTCTIME_set(X509_get_notBefore(x509p->x509), intsec)) { + if (!ASN1_UTCTIME_set(X509_get_notBefore(x509), sec)) { OSSL_Raise(eX509CertificateError, ""); } return time; @@ -432,12 +385,12 @@ ossl_x509_set_not_before(VALUE self, VALUE time) static VALUE ossl_x509_get_not_after(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_UTCTIME *asn1time = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1time = X509_get_notAfter(x509p->x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get_notAfter(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -447,22 +400,14 @@ ossl_x509_get_not_after(VALUE self) static VALUE ossl_x509_set_not_after(VALUE self, VALUE time) { - ossl_x509 *x509p = NULL; - int intsec = -1; - VALUE sec; + X509 *x509 = NULL; + time_t sec; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) { - rb_raise(eX509CertificateError, "wierd time"); - } - if ((intsec = FIX2INT(sec)) < 0) { - rb_raise(eX509CertificateError, "time < 0??"); - } - if (!ASN1_UTCTIME_set(X509_get_notAfter(x509p->x509), FIX2INT(sec))) { + if (!ASN1_UTCTIME_set(X509_get_notAfter(x509), sec)) { OSSL_Raise(eX509CertificateError, ""); } return time; @@ -471,13 +416,13 @@ ossl_x509_set_not_after(VALUE self, VALUE time) static VALUE ossl_x509_get_public_key(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; VALUE pub_key; - GetX509(self, x509p); + GetX509(self, x509); - if (!(pkey = X509_get_pubkey(x509p->x509))) { /* adds an reference - safe to FREE */ + if (!(pkey = X509_get_pubkey(x509))) { /* adds an reference - safe to FREE */ OSSL_Raise(eX509CertificateError, ""); } pub_key = ossl_pkey_new(pkey); @@ -489,15 +434,14 @@ ossl_x509_get_public_key(VALUE self) static VALUE ossl_x509_set_public_key(VALUE self, VALUE pubk) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; - GetX509(self, x509p); - OSSL_Check_Type(pubk, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(pubk); - if (!X509_set_pubkey(x509p->x509, pkey)) { /* DUPs pkey - FREE it */ + if (!X509_set_pubkey(x509, pkey)) { /* DUPs pkey - FREE it */ EVP_PKEY_free(pkey); OSSL_Raise(eX509CertificateError, ""); } @@ -509,11 +453,12 @@ ossl_x509_set_public_key(VALUE self, VALUE pubk) static VALUE ossl_x509_sign(VALUE self, VALUE key, VALUE digest) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md = NULL; - GetX509(self, x509p); + GetX509(self, x509); + OSSL_Check_Type(key, cPKey); OSSL_Check_Type(digest, cDigest); @@ -524,7 +469,7 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) pkey = ossl_pkey_get_EVP_PKEY(key); md = ossl_digest_get_EVP_MD(digest); - if (!X509_sign(x509p->x509, pkey, md)) { + if (!X509_sign(x509, pkey, md)) { EVP_PKEY_free(pkey); OSSL_Raise(eX509CertificateError, ""); } @@ -539,15 +484,15 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) static VALUE ossl_x509_verify(VALUE self, VALUE key) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; int i = 0; - GetX509(self, x509p); - OSSL_Check_Type(key, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(key); - i = X509_verify(x509p->x509, pkey); + + i = X509_verify(x509, pkey); EVP_PKEY_free(pkey); if (i < 0) { @@ -564,16 +509,15 @@ ossl_x509_verify(VALUE self, VALUE key) static VALUE ossl_x509_check_private_key(VALUE self, VALUE key) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; VALUE result; - GetX509(self, x509p); - OSSL_Check_Type(key, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(key); - if (!X509_check_private_key(x509p->x509, pkey)) { + if (!X509_check_private_key(x509, pkey)) { OSSL_Warning("Check private key:"); result = Qfalse; } else @@ -590,14 +534,14 @@ ossl_x509_check_private_key(VALUE self, VALUE key) static VALUE ossl_x509_get_extensions(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; int count = 0, i; X509_EXTENSION *ext = NULL; VALUE ary; - GetX509(self, x509p); + GetX509(self, x509); - count = X509_get_ext_count(x509p->x509); + count = X509_get_ext_count(x509); if (count > 0) ary = rb_ary_new2(count); @@ -605,7 +549,7 @@ ossl_x509_get_extensions(VALUE self) return rb_ary_new(); for (i=0; i<count; i++) { - ext = X509_get_ext(x509p->x509, i); /* NO DUP - don't free! */ + ext = X509_get_ext(x509, i); /* NO DUP - don't free! */ rb_ary_push(ary, ossl_x509ext_new(ext)); } @@ -618,24 +562,24 @@ ossl_x509_get_extensions(VALUE self) static VALUE ossl_x509_set_extensions(VALUE self, VALUE ary) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_EXTENSION *ext = NULL; int i = 0; - GetX509(self, x509p); + GetX509(self, x509); Check_Type(ary, T_ARRAY); for (i=0; i<RARRAY(ary)->len; i++) { /* All ary's members should be X509Extension */ OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Extension); } - sk_X509_EXTENSION_pop_free(x509p->x509->cert_info->extensions, X509_EXTENSION_free); - x509p->x509->cert_info->extensions = NULL; + sk_X509_EXTENSION_pop_free(x509->cert_info->extensions, X509_EXTENSION_free); + x509->cert_info->extensions = NULL; for (i=0; i<RARRAY(ary)->len; i++) { ext = ossl_x509ext_get_X509_EXTENSION(RARRAY(ary)->ptr[i]); - if (!X509_add_ext(x509p->x509, ext, -1)) { /* DUPs ext - FREE it */ + if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CertificateError, ""); } @@ -648,15 +592,14 @@ ossl_x509_set_extensions(VALUE self, VALUE ary) static VALUE ossl_x509_add_extension(VALUE self, VALUE extension) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_EXTENSION *ext = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(extension, cX509Extension); ext = ossl_x509ext_get_X509_EXTENSION(extension); - if (!X509_add_ext(x509p->x509, ext, -1)) { /* DUPs ext - FREE it */ + if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CertificateError, ""); } |