From 7ed17afc8c327bc88d1510255d284487d06f226c Mon Sep 17 00:00:00 2001 From: Michal Rokos Date: Mon, 11 Mar 2002 17:20:04 +0000 Subject: * Big internal cleanup (all structs with only 1 member rearranged) * improved getting time_t from cTime --- ChangeLog | 4 + ossl.c | 12 +++ ossl.h | 4 + ossl_bn.c | 16 +--- ossl_cipher.c | 1 + ossl_config.c | 58 ++++------- ossl_digest.c | 88 +++++++---------- ossl_hmac.c | 64 +++++-------- ossl_ns_spki.c | 109 +++++++++------------ ossl_pkcs7.c | 251 +++++++++++++++++++----------------------------- ossl_pkey.c | 14 +-- ossl_x509.c | 277 +++++++++++++++++++++-------------------------------- ossl_x509attr.c | 57 +++-------- ossl_x509crl.c | 223 ++++++++++++++++++------------------------ ossl_x509ext.c | 66 ++++--------- ossl_x509name.c | 71 ++++++-------- ossl_x509req.c | 183 ++++++++++++++--------------------- ossl_x509revoked.c | 131 ++++++++++--------------- 18 files changed, 639 insertions(+), 990 deletions(-) diff --git a/ChangeLog b/ChangeLog index aec5d90..1c2f38a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,10 @@ Copyright (C) 2001 Michal Rokos All rights reserved. $Log$ +Revision 1.35 2002/03/11 17:20:22 majkl + * Big internal cleanup (all structs with only 1 member rearranged) + * improved getting time_t from cTime + Revision 1.34 2002/03/06 08:05:05 majkl * build fix-ups diff --git a/ossl.c b/ossl.c index 86e4e0f..1711e3d 100644 --- a/ossl.c +++ b/ossl.c @@ -69,6 +69,18 @@ asn1time_to_time(ASN1_UTCTIME *time) return rb_time_new(mktime(&tm), 0); /* or this one? */ } +extern struct timeval rb_time_timeval(VALUE time); + +time_t +time_to_time_t(VALUE time) +{ + struct timeval t; + + t = rb_time_timeval(time); + + return t.tv_sec; +} + /* * Modules */ diff --git a/ossl.h b/ossl.h index a3c7595..c56f26e 100644 --- a/ossl.h +++ b/ossl.h 
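Review bot: The hand-written `extern struct timeval rb_time_timeval(VALUE time);` above `time_to_time_t` in ossl.c bypasses the interpreter's headers, so a signature change on the Ruby side would not be caught at compile time. If the Ruby headers in use export that prototype, it is better taken from there. The new helper also has no comment, and its name does not tell callers that `tv_usec` is discarded; I would add `/* Converts a Ruby time value to time_t; sub-second precision is dropped. */` above it. How non-Time arguments are treated is decided inside `rb_time_timeval` and is not visible in this hunk.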
@@ -87,12 +87,15 @@ extern VALUE cDigest; extern VALUE eDigestError; extern VALUE cMD2, cMD4, cMD5, cMDC2, cRIPEMD160, cSHA, cSHA1, cDSS, cDSS1; /* PKey */ +extern ID id_private_q; extern VALUE cPKey; extern VALUE ePKeyError; extern VALUE cRSA; extern VALUE eRSAError; extern VALUE cDSA; extern VALUE eDSAError; +extern VALUE cDH; +extern VALUE eDHError; /* PKCS7 */ extern VALUE cPKCS7; extern VALUE cPKCS7SignerInfo; @@ -120,6 +123,7 @@ void ossl_check_instance(VALUE, VALUE); * DATE conversion */ VALUE asn1time_to_time(ASN1_UTCTIME *); +time_t time_to_time_t(VALUE); /* * ERRor messages diff --git a/ossl_bn.c b/ossl_bn.c index 7265d93..2398bf8 100644 --- a/ossl_bn.c +++ b/ossl_bn.c @@ -11,14 +11,8 @@ /* modified by Michal Rokos */ #include "ossl.h" -#define WrapBN(obj, bn) {\ - if (!bn) rb_raise(eBNError, "not initialized!");\ - obj = Data_Wrap_Struct(cBN, 0, BN_clear_free, bn);\ -} -#define GetBN(obj, bn) {\ - Data_Get_Struct(obj, BIGNUM, bn);\ - if (!bn) rb_raise(eBNError, "not initialized!");\ -} +#define WrapBN(obj, bn) obj = Data_Wrap_Struct(cBN, 0, BN_clear_free, bn) +#define GetBN(obj, bn) Data_Get_Struct(obj, BIGNUM, bn) /* * Classes @@ -26,7 +20,6 @@ VALUE cBN; VALUE eBNError; - /* * Public */ @@ -51,9 +44,10 @@ ossl_bn_new(BIGNUM *bn) BIGNUM * ossl_bn_get_BIGNUM(VALUE obj) { - BIGNUM *bn = NULL, *new = NULL; + BIGNUM *bn = NULL, *new; OSSL_Check_Type(obj, cBN); + GetBN(obj, bn); if (!(new = BN_dup(bn))) { @@ -338,7 +332,7 @@ ossl_bn_mod_inverse(VALUE self, VALUE other) OSSL_Raise(eBNError, ""); } BN_CTX_init(&ctx); - if (BN_mod_inverse(result, bn1, bn2, &ctx) == NULL) { + if (!BN_mod_inverse(result, bn1, bn2, &ctx)) { BN_free(result); OSSL_Raise(eBNError, ""); } diff --git a/ossl_cipher.c b/ossl_cipher.c index 14d6a14..e3bb9ff 100644 --- a/ossl_cipher.c +++ b/ossl_cipher.c 
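Review bot: The rewritten `WrapBN`/`GetBN` macros in ossl_bn.c drop the `if (!bn) rb_raise(eBNError, "not initialized!")` guards, so a NULL data pointer now reaches OpenSSL calls such as `BN_dup(bn)` in `ossl_bn_get_BIGNUM` instead of raising a Ruby exception. The same guard is removed from `GetConfig` in ossl_config.c and from `GetPKCS7`/`GetPKCS7si` in ossl_pkcs7.c. Whether every allocation path guarantees a non-NULL pointer cannot be confirmed from these hunks. If that invariant is intended, state it in a comment next to the macros; otherwise keep the check, for example `#define GetBN(obj, bn) do { Data_Get_Struct(obj, BIGNUM, bn); if (!(bn)) rb_raise(eBNError, "not initialized!"); } while (0)`.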
@@ -77,6 +77,7 @@ ossl_cipher_get_EVP_CIPHER(VALUE obj) ossl_cipher *ciphp = NULL; OSSL_Check_Type(obj, cCipher); + GetCipher(obj, ciphp); return EVP_get_cipherbynid(ciphp->nid); /*EVP_CIPHER_CTX_cipher(ciphp->ctx);*/ diff --git a/ossl_config.c b/ossl_config.c index a559d97..01508a9 100644 --- a/ossl_config.c +++ b/ossl_config.c @@ -10,15 +10,8 @@ */ #include "ossl.h" -#define MakeConfig(obj, confp) {\ - obj = Data_Make_Struct(cConfig, ossl_config, 0, ossl_config_free, confp);\ -} - -#define GetConfig_unsafe(obj, confp) Data_Get_Struct(obj, ossl_config, confp) -#define GetConfig(obj, confp) {\ - GetConfig_unsafe(obj, confp);\ - if (!confp->config) rb_raise(eConfigError, "not initialized!");\ -} +#define WrapConfig(obj, conf) obj = Data_Wrap_Struct(cConfig, 0, CONF_free, conf) +#define GetConfig(obj, conf) Data_Get_Struct(obj, LHASH, conf) /* * Classes @@ -26,23 +19,6 @@ VALUE cConfig; VALUE eConfigError; -/* - * Struct - */ -typedef struct ossl_config_st { - LHASH *config; -} ossl_config; - -static void -ossl_config_free(ossl_config *confp) -{ - if (confp) { - if (confp->config) CONF_free(confp->config); - confp->config = NULL; - free(confp); - } -} - /* * Public */ @@ -51,18 +27,18 @@ ossl_config_free(ossl_config *confp) * Private */ static VALUE -ossl_config_s_load(int argc, VALUE* argv, VALUE klass) +ossl_config_s_load(int argc, VALUE *argv, VALUE klass) { - ossl_config *confp = NULL; - LHASH *config = NULL; + LHASH *conf = NULL; long err_line = 0; VALUE obj, path; rb_scan_args(argc, argv, "10", &path); - + + path = rb_str_to_str(path); Check_SafeStr(path); - if (!(config = CONF_load(NULL, RSTRING(path)->ptr, &err_line))) { + if (!(conf = CONF_load(NULL, RSTRING(path)->ptr, &err_line))) { if (err_line <= 0) rb_raise(eConfigError, "wrong config file %s", RSTRING(path)->ptr); else 
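Review bot: In `ossl_config_s_load` the path reaches `CONF_load` as `RSTRING(path)->ptr` with no check for embedded NUL bytes, so the file OpenSSL opens can be a prefix of the string that `Check_SafeStr` and any Ruby-level validation were given. After `Check_SafeStr(path);` I would add `if (strlen(RSTRING(path)->ptr) != (size_t)RSTRING(path)->len) rb_raise(eConfigError, "path contains a null byte");`. The same truncated string is what the two error messages print, which can hide the discrepancy in logs. The function body continues past the end of this hunk.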
@@ -70,8 +46,7 @@ ossl_config_s_load(int argc, VALUE* argv, VALUE klass) err_line, RSTRING(path)->ptr); } - MakeConfig(obj, confp); - confp->config = config; + WrapConfig(obj, conf); return obj; } @@ -79,10 +54,10 @@ ossl_config_s_load(int argc, VALUE* argv, VALUE klass) static VALUE ossl_config_get_value(VALUE self, VALUE section, VALUE item) { - ossl_config *confp = NULL; + LHASH *conf = NULL; char *sect = NULL, *str = NULL; - GetConfig(self, confp); + GetConfig(self, conf); if (!NIL_P(section)) { section = rb_String(section); @@ -90,28 +65,31 @@ ossl_config_get_value(VALUE self, VALUE section, VALUE item) } item = rb_String(item); - if (!(str = CONF_get_string(confp->config, sect, RSTRING(item)->ptr))) { + if (!(str = CONF_get_string(conf, sect, RSTRING(item)->ptr))) { OSSL_Raise(eConfigError, ""); } return rb_str_new2(str); } -/* long number = CONF_get_number(confp->config, sect, RSTRING(item)->ptr); */ +/* + * Get all numbers as strings - use str.to_i to convert + * long number = CONF_get_number(confp->config, sect, RSTRING(item)->ptr); + */ static VALUE ossl_config_get_section(VALUE self, VALUE section) { - ossl_config *confp = NULL; + LHASH *conf = NULL; STACK_OF(CONF_VALUE) *sk = NULL; CONF_VALUE *entry = NULL; int i, entries = 0; VALUE hash; - GetConfig(self, confp); + GetConfig(self, conf); section = rb_String(section); - if (!(sk = CONF_get_section(confp->config, RSTRING(section)->ptr))) { + if (!(sk = CONF_get_section(conf, RSTRING(section)->ptr))) { OSSL_Raise(eConfigError, ""); } diff --git a/ossl_digest.c b/ossl_digest.c index c77f432..8a62b3f 100644 --- a/ossl_digest.c +++ b/ossl_digest.c 
@@ -10,10 +10,8 @@ */ #include "ossl.h" -#define MakeDigest(klass, obj, digestp) {\ - obj = Data_Make_Struct(klass, ossl_digest, 0, ossl_digest_free, digestp);\ -} -#define GetDigest(obj, digestp) Data_Get_Struct(obj, ossl_digest, digestp) +#define WrapDigest(klass, obj, ctx) obj = Data_Wrap_Struct(klass, 0, CRYPTO_free, ctx) +#define GetDigest(obj, ctx) Data_Get_Struct(obj, EVP_MD_CTX, ctx) /* * Classes @@ -23,60 +21,49 @@ VALUE eDigestError; VALUE cMD2, cMD4, cMD5, cMDC2, cRIPEMD160, cSHA, cSHA1, cDSS, cDSS1; /* - * Struct - */ -typedef struct ossl_digest_st { - EVP_MD_CTX *md; -} ossl_digest; - -static void -ossl_digest_free(ossl_digest *digestp) -{ - if (digestp) { - if (digestp->md) OPENSSL_free(digestp->md); - digestp->md = NULL; - free(digestp); - } -} - -/* - * PUBLIC + * Public */ int ossl_digest_get_NID(VALUE obj) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL; OSSL_Check_Type(obj, cDigest); - GetDigest(obj, digestp); - return EVP_MD_CTX_type(digestp->md); /*== digestp->md->digest->type*/ + GetDigest(obj, ctx); + + return EVP_MD_CTX_type(ctx); /*== ctx->digest->type*/ } const EVP_MD * ossl_digest_get_EVP_MD(VALUE obj) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL; OSSL_Check_Type(obj, cDigest); - GetDigest(obj, digestp); - return EVP_MD_CTX_md(digestp->md); /*== digestp->md->digest*/ + GetDigest(obj, ctx); + + return EVP_MD_CTX_md(ctx); /*== ctx->digest*/ } /* - * PRIVATE + * Private */ static VALUE ossl_digest_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL; VALUE obj; if (klass == cDigest) rb_raise(rb_eNotImpError, "cannot do Digest::ANY.new - it is an abstract class"); - MakeDigest(klass, obj, digestp); + if (!(ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX)))) { + OSSL_Raise(eDigestError, "Cannot allocate memory for a digest's CTX"); + } + WrapDigest(klass, obj, ctx); + rb_obj_call_init(obj, argc, argv); return obj; 
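Review bot: `ossl_digest_s_new` now wraps the buffer returned by `OPENSSL_malloc(sizeof(EVP_MD_CTX))` before anything has initialised it, and it stays uninitialised unless the `initialize` that runs is one of the generated `ossl_##dgst##_initialize` functions. A subclass that overrides `initialize` without reaching the generated one would leave `update`, `digest` and `ossl_digest_get_EVP_MD` working on heap garbage, where the old `Data_Make_Struct` path at least left a NULL `md` pointer. Adding `memset(ctx, 0, sizeof(EVP_MD_CTX));` right after the allocation check, and `if (!ctx->digest) rb_raise(eDigestError, "not initialized!");` in the accessors, turns that into a clean Ruby error. `ossl_hmac_s_new` in ossl_hmac.c has the same pattern with `HMAC_CTX`.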
@@ -85,13 +72,13 @@ ossl_digest_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_digest_update(VALUE self, VALUE data) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL; - GetDigest(self, digestp); + GetDigest(self, ctx); data = rb_String(data); - EVP_DigestUpdate(digestp->md, RSTRING(data)->ptr, RSTRING(data)->len); + EVP_DigestUpdate(ctx, RSTRING(data)->ptr, RSTRING(data)->len); return self; } @@ -99,15 +86,14 @@ ossl_digest_update(VALUE self, VALUE data) static VALUE ossl_digest_digest(VALUE self) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL, final; char *digest_txt = NULL; int digest_len = 0; - EVP_MD_CTX final; VALUE digest; - GetDigest(self, digestp); + GetDigest(self, ctx); - if (!EVP_MD_CTX_copy(&final, digestp->md)) { + if (!EVP_MD_CTX_copy(&final, ctx)) { OSSL_Raise(eDigestError, ""); } if (!(digest_txt = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) { @@ -127,16 +113,15 @@ ossl_digest_digest(VALUE self) static VALUE ossl_digest_hexdigest(VALUE self) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL, final; static const char hex[]="0123456789abcdef"; char *digest_txt = NULL, *hexdigest_txt = NULL; int i,digest_len = 0; - EVP_MD_CTX final; VALUE hexdigest; - GetDigest(self, digestp); + GetDigest(self, ctx); - if (!EVP_MD_CTX_copy(&final, digestp->md)) { + if (!EVP_MD_CTX_copy(&final, ctx)) { OSSL_Raise(eDigestError, ""); } if (!(digest_txt = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) { @@ -166,15 +151,14 @@ ossl_digest_hexdigest(VALUE self) static VALUE ossl_digest_hexdigest(VALUE self) { - ossl_digest *digestp = NULL; + EVP_MD_CTX *ctx = NULL, final; unsigned char *digest_txt = NULL, *hexdigest_txt = NULL; int i,digest_len = 0; - EVP_MD_CTX final; VALUE hexdigest; - GetDigest(self, digestp); + GetDigest(self, ctx); - if (!EVP_MD_CTX_copy(&final, digestp->md)) { + if (!EVP_MD_CTX_copy(&final, ctx)) { OSSL_Raise(eDigestError, ""); } 
@@ -199,18 +183,16 @@ ossl_digest_hexdigest(VALUE self) static VALUE \ ossl_##dgst##_initialize(int argc, VALUE *argv, VALUE self) \ { \ - ossl_digest *digestp = NULL; \ + EVP_MD_CTX *ctx = NULL; \ VALUE data; \ \ - GetDigest(self, digestp); \ - if (!(digestp->md = OPENSSL_malloc(sizeof(EVP_MD_CTX)))) { \ - OSSL_Raise(eDigestError, "Cannot allocate memory for a digest's CTX"); \ - } \ - EVP_DigestInit(digestp->md, EVP_##dgst()); \ + GetDigest(self, ctx); \ + \ + EVP_DigestInit(ctx, EVP_##dgst()); \ \ if (rb_scan_args(argc, argv, "01", &data) == 1) { \ data = rb_String(data); \ - EVP_DigestUpdate(digestp->md, RSTRING(data)->ptr, RSTRING(data)->len); \ + EVP_DigestUpdate(ctx, RSTRING(data)->ptr, RSTRING(data)->len); \ } \ return self; \ } diff --git a/ossl_hmac.c b/ossl_hmac.c index e49072b..f09775f 100644 --- a/ossl_hmac.c +++ b/ossl_hmac.c @@ -12,10 +12,8 @@ #include "ossl.h" -#define MakeHMAC(obj, hmacp) {\ - obj = Data_Make_Struct(cHMAC, ossl_hmac, 0, ossl_hmac_free, hmacp);\ -} -#define GetHMAC(obj, hmacp) Data_Get_Struct(obj, ossl_hmac, hmacp) +#define WrapHMAC(obj, ctx) obj = Data_Wrap_Struct(cHMAC, 0, CRYPTO_free, ctx) +#define GetHMAC(obj, ctx) Data_Get_Struct(obj, HMAC_CTX, ctx) /* * Classes @@ -24,36 +22,23 @@ VALUE cHMAC; VALUE eHMACError; /* - * Struct + * Public */ -typedef struct ossl_hmac_st { - HMAC_CTX *hmac; -} ossl_hmac; - -static void -ossl_hmac_free(ossl_hmac *hmacp) -{ - if (hmacp) { - if (hmacp->hmac) OPENSSL_free(hmacp->hmac); - hmacp->hmac = NULL; - free(hmacp); - } -} /* - * PUBLIC - */ - -/* - * PRIVATE + * Private */ static VALUE ossl_hmac_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_hmac *hmacp = NULL; + HMAC_CTX *ctx = NULL; VALUE obj; - MakeHMAC(obj, hmacp); + if (!(ctx = OPENSSL_malloc(sizeof(HMAC_CTX)))) { + OSSL_Raise(eHMACError, ""); + } + WrapHMAC(obj, ctx); + rb_obj_call_init(obj, argc, argv); return obj; 
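Review bot: `WrapHMAC` in ossl_hmac.c registers plain `CRYPTO_free` as the finaliser, so the `HMAC_CTX`, which holds key-derived state after `HMAC_Init`, goes back to the heap without being wiped. A small finaliser that clears the context before freeing it closes that gap. Because `ossl_hmac_s_new` wraps the context before `initialize` has run, the allocation should be zeroed first so the cleanup call never sees uninitialised memory. `HMAC_cleanup` is assumed to be available in the OpenSSL release this extension builds against; confirm before adopting.
```c
/* Finaliser: wipe key-derived state before the context goes back to the heap. */
static void
ossl_hmac_free(HMAC_CTX *ctx)
{
    if (!ctx) return;
    HMAC_cleanup(ctx);
    OPENSSL_free(ctx);
}

#define WrapHMAC(obj, ctx) obj = Data_Wrap_Struct(cHMAC, 0, ossl_hmac_free, ctx)

/* … unchanged: GetHMAC, class variables … */

/* in ossl_hmac_s_new, right after the allocation check */
memset(ctx, 0, sizeof(HMAC_CTX));
WrapHMAC(obj, ctx);
```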
@@ -62,21 +47,18 @@ ossl_hmac_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_hmac_initialize(int argc, VALUE *argv, VALUE self) { - ossl_hmac *hmacp = NULL; + HMAC_CTX *ctx = NULL; const EVP_MD *md = NULL; VALUE key, digest; - GetHMAC(self, hmacp); + GetHMAC(self, ctx); rb_scan_args(argc, argv, "20", &key, &digest); key = rb_String(key); md = ossl_digest_get_EVP_MD(digest); - if (!(hmacp->hmac = OPENSSL_malloc(sizeof(HMAC_CTX)))) { - OSSL_Raise(eHMACError, ""); - } - HMAC_Init(hmacp->hmac, RSTRING(key)->ptr, RSTRING(key)->len, md); + HMAC_Init(ctx, RSTRING(key)->ptr, RSTRING(key)->len, md); return self; } @@ -84,13 +66,13 @@ ossl_hmac_initialize(int argc, VALUE *argv, VALUE self) static VALUE ossl_hmac_update(VALUE self, VALUE data) { - ossl_hmac *hmacp = NULL; + HMAC_CTX *ctx = NULL; - GetHMAC(self, hmacp); + GetHMAC(self, ctx); data = rb_String(data); - HMAC_Update(hmacp->hmac, RSTRING(data)->ptr, RSTRING(data)->len); + HMAC_Update(ctx, RSTRING(data)->ptr, RSTRING(data)->len); return self; } @@ -98,15 +80,14 @@ ossl_hmac_update(VALUE self, VALUE data) static VALUE ossl_hmac_hmac(VALUE self) { - ossl_hmac *hmacp = NULL; + HMAC_CTX *ctx = NULL, final; char *buf = NULL; int buf_len = 0; - HMAC_CTX final; VALUE str; - GetHMAC(self, hmacp); + GetHMAC(self, ctx); - if (!HMAC_CTX_copy(&final, hmacp->hmac)) { + if (!HMAC_CTX_copy(&final, ctx)) { OSSL_Raise(eHMACError, ""); } if (!(buf = OPENSSL_malloc(HMAC_size(&final)))) { @@ -123,16 +104,15 @@ ossl_hmac_hmac(VALUE self) static VALUE ossl_hmac_hexhmac(VALUE self) { - ossl_hmac *hmacp = NULL; + HMAC_CTX *ctx = NULL, final; static const char hex[]="0123456789abcdef"; char *buf = NULL, *hexbuf = NULL; int i,buf_len = 0; - HMAC_CTX final; VALUE str; - GetHMAC(self, hmacp); + GetHMAC(self, ctx); - if (!HMAC_CTX_copy(&final, hmacp->hmac)) { + if (!HMAC_CTX_copy(&final, ctx)) { OSSL_Raise(eHMACError, "Cannot copy HMAC CTX"); } if (!(buf = OPENSSL_malloc(HMAC_size(&final)))) { 
diff --git a/ossl_ns_spki.c b/ossl_ns_spki.c index f77ac0e..aa693af 100644 --- a/ossl_ns_spki.c +++ b/ossl_ns_spki.c @@ -10,10 +10,8 @@ */ #include "ossl.h" -#define MakeSPKI(obj, spkip) {\ - obj = Data_Make_Struct(cSPKI, ossl_spki, 0, ossl_spki_free, spkip);\ -} -#define GetSPKI(obj, spkip) Data_Get_Struct(obj, ossl_spki, spkip) +#define WrapSPKI(obj, spkip) obj = Data_Wrap_Struct(cSPKI, 0, NETSCAPE_SPKI_free, spki) +#define GetSPKI(obj, spki) Data_Get_Struct(obj, NETSCAPE_SPKI, spki) /* * Classes @@ -21,23 +19,6 @@ VALUE cSPKI; VALUE eSPKIError; -/* - * Struct - */ -typedef struct ossl_spki_st { - NETSCAPE_SPKI *spki; -} ossl_spki; - -static void -ossl_spki_free(ossl_spki *spkip) -{ - if(spkip) { - if(spkip->spki) NETSCAPE_SPKI_free(spkip->spki); - spkip->spki = NULL; - free(spkip); - } -} - /* * Public functions */ @@ -48,10 +29,15 @@ ossl_spki_free(ossl_spki *spkip) static VALUE ossl_spki_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; VALUE obj; - MakeSPKI(obj, spkip); + if (!(spki = NETSCAPE_SPKI_new())) { + OSSL_Raise(eSPKIError, ""); + } + + WrapSPKI(obj, spki); + rb_obj_call_init(obj, argc, argv); return obj; @@ -60,26 +46,20 @@ ossl_spki_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_spki_initialize(int argc, VALUE *argv, VALUE self) { - ossl_spki *spkip = NULL; NETSCAPE_SPKI *spki = NULL; VALUE buffer; - GetSPKI(self, spkip); - - rb_scan_args(argc, argv, "01", &buffer); - - switch (TYPE(buffer)) { - case T_NIL: - spki = NETSCAPE_SPKI_new(); - break; - default: - buffer = rb_String(buffer); - spki = NETSCAPE_SPKI_b64_decode(RSTRING(buffer)->ptr, -1); - } - if (!spki) + if (argc == 0) + return self; + + buffer = rb_String(argv[0]); + + if (!(spki = NETSCAPE_SPKI_b64_decode(RSTRING(buffer)->ptr, -1))) { OSSL_Raise(eSPKIError, ""); + } - spkip->spki = spki; + NETSCAPE_SPKI_free(DATA_PTR(self)); + DATA_PTR(self) = spki; return self; } 
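Review bot: `WrapSPKI` declares its second parameter as `spkip` but the expansion uses `spki`, so the macro ignores its argument and only compiles because `ossl_spki_s_new` happens to have a local named `spki`. Any future caller with a differently named variable would either fail to build or silently wrap the wrong pointer. The definition should read `#define WrapSPKI(obj, spki) obj = Data_Wrap_Struct(cSPKI, 0, NETSCAPE_SPKI_free, spki)`.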
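Review bot: `ossl_spki_initialize` no longer calls `rb_scan_args`, so it reads `argv[0]` and silently accepts any number of extra arguments, where the previous `"01"` spec rejected them. Adding `if (argc > 1) rb_raise(rb_eArgError, "wrong # of arguments(%d for 1)", argc);` before the `argc == 0` test restores the arity check. The decode-then-swap sequence (`NETSCAPE_SPKI_free(DATA_PTR(self)); DATA_PTR(self) = spki;`) deserves a one-line comment saying that the old object is released only after the new one has parsed successfully.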
@@ -87,13 +67,13 @@ ossl_spki_initialize(int argc, VALUE *argv, VALUE self) static VALUE ossl_spki_to_pem(VALUE self) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; char *data = NULL; VALUE str; - GetSPKI(self, spkip); + GetSPKI(self, spki); - if (!(data = NETSCAPE_SPKI_b64_encode(spkip->spki))) { + if (!(data = NETSCAPE_SPKI_b64_encode(spki))) { OSSL_Raise(eSPKIError, ""); } @@ -106,17 +86,17 @@ ossl_spki_to_pem(VALUE self) static VALUE ossl_spki_to_text(VALUE self) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetSPKI(self, spkip); + GetSPKI(self, spki); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eSPKIError, ""); } - if (!NETSCAPE_SPKI_print(out, spkip->spki)) { + if (!NETSCAPE_SPKI_print(out, spki)) { BIO_free(out); OSSL_Raise(eSPKIError, ""); } @@ -130,12 +110,12 @@ ossl_spki_to_text(VALUE self) static VALUE ossl_spki_get_public_key(VALUE self) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; - GetSPKI(self, spkip); + GetSPKI(self, spki); - if (!(pkey = NETSCAPE_SPKI_get_pubkey(spkip->spki))) { + if (!(pkey = NETSCAPE_SPKI_get_pubkey(spki))) { OSSL_Raise(eSPKIError, ""); } @@ -145,14 +125,14 @@ ossl_spki_get_public_key(VALUE self) static VALUE ossl_spki_set_public_key(VALUE self, VALUE pubk) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; - GetSPKI(self, spkip); + GetSPKI(self, spki); pkey = ossl_pkey_get_EVP_PKEY(pubk); - if (!NETSCAPE_SPKI_set_pubkey(spkip->spki, pkey)) { + if (!NETSCAPE_SPKI_set_pubkey(spki, pkey)) { EVP_PKEY_free(pkey); OSSL_Raise(eSPKIError, ""); } 
@@ -163,12 +143,12 @@ ossl_spki_set_public_key(VALUE self, VALUE pubk) static VALUE ossl_spki_get_challenge(VALUE self) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; - GetSPKI(self, spkip); + GetSPKI(self, spki); - if (spkip->spki->spkac->challenge->length > 0) - return rb_str_new(spkip->spki->spkac->challenge->data, spkip->spki->spkac->challenge->length); + if (spki->spkac->challenge->length > 0) + return rb_str_new(spki->spkac->challenge->data, spki->spkac->challenge->length); return rb_str_new2(""); } @@ -176,12 +156,13 @@ ossl_spki_get_challenge(VALUE self) static VALUE ossl_spki_set_challenge(VALUE self, VALUE str) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; - GetSPKI(self, spkip); + GetSPKI(self, spki); + str = rb_String(str); - if (!ASN1_STRING_set(spkip->spki->spkac->challenge, RSTRING(str)->ptr, RSTRING(str)->len)) { + if (!ASN1_STRING_set(spki->spkac->challenge, RSTRING(str)->ptr, RSTRING(str)->len)) { OSSL_Raise(eSPKIError, ""); } @@ -191,20 +172,20 @@ ossl_spki_set_challenge(VALUE self, VALUE str) static VALUE ossl_spki_sign(VALUE self, VALUE key, VALUE digest) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md = NULL; - GetSPKI(self, spkip); + GetSPKI(self, spki); md = ossl_digest_get_EVP_MD(digest); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) == Qfalse) { + if (rb_funcall(key, id_private_q, 0, NULL) == Qfalse) { rb_raise(eSPKIError, "PRIVATE key needed to sign REQ!"); } pkey = ossl_pkey_get_EVP_PKEY(key); - if (!NETSCAPE_SPKI_sign(spkip->spki, pkey, md)) { + if (!NETSCAPE_SPKI_sign(spki, pkey, md)) { EVP_PKEY_free(pkey); OSSL_Raise(eSPKIError, ""); } 
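Review bot: The private-key guard in `ossl_spki_sign` compares with `== Qfalse`, so a `private?` that returns `nil` or any other non-false value gets through, while the PKCS7 functions touched by this commit use `!= Qtrue`. Writing it as `if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) {` makes the two files consistent and rejects everything that is not an explicit true. The method is also dispatched on `key` before `ossl_pkey_get_EVP_PKEY` has type-checked it (presumably it does; that is not visible here), so an arbitrary object can answer `private?`. `ossl_spki_sign` continues past the end of the hunk.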
@@ -218,15 +199,15 @@ ossl_spki_sign(VALUE self, VALUE key, VALUE digest) static VALUE ossl_spki_verify(VALUE self, VALUE key) { - ossl_spki *spkip = NULL; + NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; int result = 0; - GetSPKI(self, spkip); + GetSPKI(self, spki); pkey = ossl_pkey_get_EVP_PKEY(key); - result = NETSCAPE_SPKI_verify(spkip->spki, pkey); + result = NETSCAPE_SPKI_verify(spki, pkey); EVP_PKEY_free(pkey); if (result < 0) { diff --git a/ossl_pkcs7.c b/ossl_pkcs7.c index 93c748b..07c828d 100644 --- a/ossl_pkcs7.c +++ b/ossl_pkcs7.c @@ -10,23 +10,11 @@ */ #include "ossl.h" -#define MakePKCS7(obj, pkcs7p) {\ - obj = Data_Make_Struct(cPKCS7, ossl_pkcs7, 0, ossl_pkcs7_free, pkcs7p);\ -} -#define GetPKCS7_unsafe(obj, pkcs7p) Data_Get_Struct(obj, ossl_pkcs7, pkcs7p) -#define GetPKCS7(obj, pkcs7p) {\ - GetPKCS7_unsafe(obj, pkcs7p);\ - if (!pkcs7p->pkcs7) rb_raise(ePKCS7Error, "not initialized!");\ -} +#define WrapPKCS7(obj, pkcs7) obj = Data_Wrap_Struct(cPKCS7, 0, PKCS7_free, pkcs7) +#define GetPKCS7(obj, pkcs7) Data_Get_Struct(obj, PKCS7, pkcs7) -#define MakePKCS7si(obj, p7sip) {\ - obj = Data_Make_Struct(cPKCS7SignerInfo, ossl_pkcs7si, 0, ossl_pkcs7si_free, p7sip);\ -} -#define GetPKCS7si_unsafe(obj, p7sip) Data_Get_Struct(obj, ossl_pkcs7si, p7sip) -#define GetPKCS7si(obj, p7sip) {\ - GetPKCS7si_unsafe(obj, p7sip);\ - if (!p7sip->signer) rb_raise(ePKCS7Error, "not initialized!");\ -} +#define WrapPKCS7si(obj, p7si) obj = Data_Wrap_Struct(cPKCS7SignerInfo, 0, PKCS7_SIGNER_INFO_free, p7si) +#define GetPKCS7si(obj, p7si) Data_Get_Struct(obj, PKCS7_SIGNER_INFO, p7si) /* * Constants 
@@ -46,56 +34,23 @@ VALUE cPKCS7; VALUE cPKCS7SignerInfo; VALUE ePKCS7Error; -/* - * Struct - */ -typedef struct ossl_pkcs7_st { - PKCS7 *pkcs7; -} ossl_pkcs7; - -typedef struct ossl_pkcs7si_st { - PKCS7_SIGNER_INFO *signer; -} ossl_pkcs7si; - -static void -ossl_pkcs7_free(ossl_pkcs7 *pkcs7p) -{ - if (pkcs7p) { - if (pkcs7p->pkcs7) PKCS7_free(pkcs7p->pkcs7); - pkcs7p->pkcs7 = NULL; - free(pkcs7p); - } -} - -static void -ossl_pkcs7si_free(ossl_pkcs7si *p7sip) -{ - if (p7sip) { - if (p7sip->signer) PKCS7_SIGNER_INFO_free(p7sip->signer); - p7sip->signer = NULL; - free(p7sip); - } -} - /* * Public */ VALUE -ossl_pkcs7si_new(PKCS7_SIGNER_INFO *si) +ossl_pkcs7si_new(PKCS7_SIGNER_INFO *p7si) { - ossl_pkcs7si *p7sip = NULL; PKCS7_SIGNER_INFO *new = NULL; VALUE obj; - if (!si) + if (!p7si) new = PKCS7_SIGNER_INFO_new(); - else new = PKCS7_SIGNER_INFO_dup(si); + else new = PKCS7_SIGNER_INFO_dup(p7si); if (!new) OSSL_Raise(ePKCS7Error, ""); - MakePKCS7si(obj, p7sip); - p7sip->signer = new; + WrapPKCS7si(obj, new); return obj; } @@ -103,16 +58,16 @@ ossl_pkcs7si_new(PKCS7_SIGNER_INFO *si) PKCS7_SIGNER_INFO * ossl_pkcs7si_get_PKCS7_SIGNER_INFO(VALUE obj) { - ossl_pkcs7si *p7sip = NULL; - PKCS7_SIGNER_INFO *si = NULL; + PKCS7_SIGNER_INFO *p7si = NULL, *new; OSSL_Check_Type(obj, cPKCS7SignerInfo); - GetPKCS7si(obj, p7sip); + + GetPKCS7si(obj, p7si); - if (!(si = PKCS7_SIGNER_INFO_dup(p7sip->signer))) + if (!(new = PKCS7_SIGNER_INFO_dup(p7si))) { OSSL_Raise(ePKCS7Error, ""); - - return si; + } + return new; } /* 
@@ -122,18 +77,17 @@ ossl_pkcs7si_get_PKCS7_SIGNER_INFO(VALUE obj) * WORKS WELL, but we can implement this in Ruby space static VALUE ossl_pkcs7_s_sign(VALUE klass, VALUE key, VALUE cert, VALUE data) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; EVP_PKEY *pkey = NULL; X509 *x509 = NULL; BIO *bio = NULL; - PKCS7 *p7 = NULL; VALUE obj; OSSL_Check_Type(key, cPKey); OSSL_Check_Type(cert, X509Certificate); data = rb_String(data); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) != Qtrue) { + if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) { rb_raise(ePKCS7Error, "private key needed!"); } @@ -145,7 +99,7 @@ static VALUE ossl_pkcs7_s_sign(VALUE klass, VALUE key, VALUE cert, VALUE data) X509_free(x509); OSSL_Raise(ePKCS7Error, ""); } - if (!(p7 = PKCS7_sign(x509, pkey, NULL, bio, 0))) { + if (!(pkcs7 = PKCS7_sign(x509, pkey, NULL, bio, 0))) { EVP_PKEY_free(pkey); X509_free(x509); BIO_free(bio); @@ -155,8 +109,7 @@ static VALUE ossl_pkcs7_s_sign(VALUE klass, VALUE key, VALUE cert, VALUE data) X509_free(x509); BIO_free(bio); - MakePKCS7(obj, p7p); - p7p->pkcs7 = p7; + WrapPKCS7(obj, pkcs7); return obj; } @@ -165,10 +118,14 @@ static VALUE ossl_pkcs7_s_sign(VALUE klass, VALUE key, VALUE cert, VALUE data) static VALUE ossl_pkcs7_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_pkcs7 *pkcs7p = NULL; + PKCS7 *pkcs7 = NULL; VALUE obj; - MakePKCS7(obj, pkcs7p); + if (!(pkcs7 = PKCS7_new())) { + OSSL_Raise(ePKCS7Error, ""); + } + + WrapPKCS7(obj, pkcs7); rb_obj_call_init(obj, argc, argv); 
@@ -178,22 +135,17 @@ ossl_pkcs7_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; BIO *in = NULL; - PKCS7 *p7 = NULL; VALUE arg1; - GetPKCS7_unsafe(self, p7p); - rb_scan_args(argc, argv, "10", &arg1); switch (TYPE(arg1)) { case T_FIXNUM: - if (!(p7 = PKCS7_new())) { - OSSL_Raise(ePKCS7Error, ""); - } - if(!PKCS7_set_type(p7, FIX2INT(arg1))) { - PKCS7_free(p7); + GetPKCS7(self, pkcs7); + + if(!PKCS7_set_type(pkcs7, FIX2INT(arg1))) { OSSL_Raise(ePKCS7Error, ""); } break; @@ -202,13 +154,12 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) if (!(in = BIO_new_mem_buf(RSTRING(arg1)->ptr, RSTRING(arg1)->len))) { OSSL_Raise(ePKCS7Error, ""); } - if (!(p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL))) { + if (!PEM_read_bio_PKCS7(in, (PKCS7 **)&DATA_PTR(self), NULL, NULL)) { BIO_free(in); OSSL_Raise(ePKCS7Error, ""); } BIO_free(in); } - p7p->pkcs7 = p7; return self; } @@ -216,13 +167,13 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) static VALUE ossl_pkcs7_set_cipher(VALUE self, VALUE cipher) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); OSSL_Check_Type(cipher, cCipher); - if (!PKCS7_set_cipher(p7p->pkcs7, ossl_cipher_get_EVP_CIPHER(cipher))) { + if (!PKCS7_set_cipher(pkcs7, ossl_cipher_get_EVP_CIPHER(cipher))) { OSSL_Raise(ePKCS7Error, ""); } 
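Review bot: The string branch of `ossl_pkcs7_initialize` passes `(PKCS7 **)&DATA_PTR(self)` to `PEM_read_bio_PKCS7`, which makes OpenSSL decode into the object that `ossl_pkcs7_s_new` allocated. What that object looks like after a parse error (partly filled, freed, or NULL) depends on the OpenSSL version. Since `GetPKCS7` no longer checks for NULL, it is safer to decode into the local and swap only on success, as `ossl_spki_initialize` does in this same commit. Change the call to `if (!(pkcs7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL))) {` and, after the final `BIO_free(in);`, add `PKCS7_free(DATA_PTR(self));` and `DATA_PTR(self) = pkcs7;`.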
@@ -230,30 +181,31 @@ ossl_pkcs7_set_cipher(VALUE self, VALUE cipher) } static VALUE -ossl_pkcs7_add_signer(VALUE self, VALUE signer, VALUE pkey) +ossl_pkcs7_add_signer(VALUE self, VALUE signer, VALUE key) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; PKCS7_SIGNER_INFO *si = NULL; - EVP_PKEY *key = NULL; + EVP_PKEY *pkey = NULL; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); OSSL_Check_Type(signer, cPKCS7SignerInfo); - OSSL_Check_Type(pkey, cPKey); + OSSL_Check_Type(key, cPKey); - if (rb_funcall(pkey, rb_intern("private?"), 0, NULL) != Qtrue) { + if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) { rb_raise(ePKCS7Error, "Private key needed!"); } + si = ossl_pkcs7si_get_PKCS7_SIGNER_INFO(signer); - key = ossl_pkey_get_EVP_PKEY(pkey); - si->pkey = key; + pkey = ossl_pkey_get_EVP_PKEY(key); + si->pkey = pkey; - if (!PKCS7_add_signer(p7p->pkcs7, si)) { + if (!PKCS7_add_signer(pkcs7, si)) { PKCS7_SIGNER_INFO_free(si); OSSL_Raise(ePKCS7Error, "Could not add signer."); } - if (PKCS7_type_is_signed(p7p->pkcs7)) + if (PKCS7_type_is_signed(pkcs7)) PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)); return self; @@ -262,15 +214,15 @@ ossl_pkcs7_add_signer(VALUE self, VALUE signer, VALUE pkey) static VALUE ossl_pkcs7_get_signer(VALUE self) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; STACK_OF(PKCS7_SIGNER_INFO) *sk = NULL; PKCS7_SIGNER_INFO *si = NULL; int num = 0, i; VALUE ary; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); - if (!(sk = PKCS7_get_signer_info(p7p->pkcs7))) { + if (!(sk = PKCS7_get_signer_info(pkcs7))) { rb_warning("OpenSSL::PKCS7#get_signer_info == NULL!"); return rb_ary_new(); } 
@@ -292,19 +244,19 @@ ossl_pkcs7_get_signer(VALUE self) static VALUE ossl_pkcs7_add_recipient(VALUE self, VALUE cert) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; PKCS7_RECIP_INFO *ri = NULL; X509 *x509 = NULL; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); - OSSL_Check_Type(cert, cX509Certificate); + x509 = ossl_x509_get_X509(cert); if (!(ri = PKCS7_RECIP_INFO_new())) { + X509_free(x509); OSSL_Raise(ePKCS7Error, ""); } - x509 = ossl_x509_get_X509(cert); if (!PKCS7_RECIP_INFO_set(ri, x509)) { X509_free(x509); @@ -313,7 +265,7 @@ ossl_pkcs7_add_recipient(VALUE self, VALUE cert) } X509_free(x509); - if (!PKCS7_add_recipient_info(p7p->pkcs7, ri)) { + if (!PKCS7_add_recipient_info(pkcs7, ri)) { PKCS7_RECIP_INFO_free(ri); OSSL_Raise(ePKCS7Error, ""); } @@ -324,14 +276,14 @@ ossl_pkcs7_add_recipient(VALUE self, VALUE cert) static VALUE ossl_pkcs7_add_certificate(VALUE self, VALUE cert) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; X509 *x509 = NULL; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); x509 = ossl_x509_get_X509(cert); - if (!PKCS7_add_certificate(p7p->pkcs7, x509)) { /* DUPs x509 - free it! */ + if (!PKCS7_add_certificate(pkcs7, x509)) { /* DUPs x509 - free it! */ X509_free(x509); OSSL_Raise(ePKCS7Error, ""); } @@ -343,14 +295,14 @@ ossl_pkcs7_add_certificate(VALUE self, VALUE cert) static VALUE ossl_pkcs7_add_crl(VALUE self, VALUE x509crl) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; X509_CRL *crl = NULL; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); crl = ossl_x509crl_get_X509_CRL(x509crl); - if (!PKCS7_add_crl(p7p->pkcs7, crl)) { /* DUPs crl - free it! */ + if (!PKCS7_add_crl(pkcs7, crl)) { /* DUPs crl - free it! */ X509_CRL_free(crl); OSSL_Raise(ePKCS7Error, ""); } 
@@ -362,30 +314,30 @@ ossl_pkcs7_add_crl(VALUE self, VALUE x509crl) static VALUE ossl_pkcs7_add_data(int argc, VALUE *argv, VALUE self) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; BIO *bio = NULL; int i; VALUE data, detach; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); rb_scan_args(argc, argv, "11", &data, &detach); data = rb_String(data); - PKCS7_content_new(p7p->pkcs7, NID_pkcs7_data); + PKCS7_content_new(pkcs7, NID_pkcs7_data); if (detach == Qtrue) - PKCS7_set_detached(p7p->pkcs7, 1); + PKCS7_set_detached(pkcs7, 1); - if (!(bio=PKCS7_dataInit(p7p->pkcs7, NULL))) { + if (!(bio=PKCS7_dataInit(pkcs7, NULL))) { OSSL_Raise(ePKCS7Error, ""); } if ((i = BIO_write(bio, RSTRING(data)->ptr, RSTRING(data)->len)) != RSTRING(data)->len) { BIO_free(bio); rb_raise(ePKCS7Error, "BIO_wrote %d, but should be %d!", i, RSTRING(data)->len); } - if (!PKCS7_dataFinal(p7p->pkcs7, bio)) { + if (!PKCS7_dataFinal(pkcs7, bio)) { BIO_free(bio); OSSL_Raise(ePKCS7Error, ""); } @@ -397,7 +349,7 @@ ossl_pkcs7_add_data(int argc, VALUE *argv, VALUE self) static VALUE ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; BIO *bio = NULL, *data = NULL; char buf[1024*4]; int i = 0, result; @@ -407,9 +359,9 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) X509_STORE_CTX ctx; VALUE x509store, detached; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); - if (!PKCS7_type_is_signed(p7p->pkcs7)) { + if (!PKCS7_type_is_signed(pkcs7)) { rb_raise(ePKCS7Error, "Wrong content type - PKCS7 is not SIGNED"); } @@ -424,13 +376,13 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) } } - if (PKCS7_get_detached(p7p->pkcs7)) { + if (PKCS7_get_detached(pkcs7)) { if (!data) rb_raise(ePKCS7Error, "PKCS7 is detached, data needed!"); - bio = PKCS7_dataInit(p7p->pkcs7, data); + bio = PKCS7_dataInit(pkcs7, data); } else - bio = PKCS7_dataInit(p7p->pkcs7, NULL); + bio = PKCS7_dataInit(pkcs7, NULL); if (!bio) { if (data) BIO_free(data); 
@@ -444,12 +396,12 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) } /*BIO_free(bio); - shall we?*/ - if (!(sk = PKCS7_get_signer_info(p7p->pkcs7))) + if (!(sk = PKCS7_get_signer_info(pkcs7))) rb_raise(ePKCS7Error, "NO SIGNATURES ON THIS DATA"); for (i=0; ipkcs7, si); + result = PKCS7_dataVerify(store, &ctx, bio, pkcs7, si); if (result <= 0) { OSSL_Warning("PKCS7::PKCS7.verify_data():"); return Qfalse; @@ -465,30 +417,30 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) static VALUE ossl_pkcs7_data_decode(VALUE self, VALUE key, VALUE cert) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; EVP_PKEY *pkey = NULL; X509 *x509 = NULL; BIO *bio = NULL; BUF_MEM *buf = NULL; VALUE str; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); - if(!PKCS7_type_is_enveloped(p7p->pkcs7)) { + if(!PKCS7_type_is_enveloped(pkcs7)) { rb_raise(ePKCS7Error, "Wrong content type - PKCS7 is not ENVELOPED"); } OSSL_Check_Type(key, cPKey); OSSL_Check_Type(cert, cX509Certificate); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) != Qtrue) { + if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) { rb_raise(ePKCS7Error, "private key needed!"); } pkey = ossl_pkey_get_EVP_PKEY(key); x509 = ossl_x509_get_X509(cert); - if (!(bio = PKCS7_dataDecode(p7p->pkcs7, pkey, NULL, x509))) { + if (!(bio = PKCS7_dataDecode(pkcs7, pkey, NULL, x509))) { EVP_PKEY_free(pkey); X509_free(x509); OSSL_Raise(ePKCS7Error, ""); @@ -506,17 +458,17 @@ ossl_pkcs7_data_decode(VALUE self, VALUE key, VALUE cert) static VALUE ossl_pkcs7_to_pem(VALUE self) { - ossl_pkcs7 *p7p = NULL; + PKCS7 *pkcs7 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetPKCS7(self, p7p); + GetPKCS7(self, pkcs7); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(ePKCS7Error, ""); } - if (!PEM_write_bio_PKCS7(out, p7p->pkcs7)) { + if (!PEM_write_bio_PKCS7(out, pkcs7)) { BIO_free(out); OSSL_Raise(ePKCS7Error, ""); } 
@@ -533,11 +485,10 @@ ossl_pkcs7_to_pem(VALUE self) static VALUE ossl_pkcs7si_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_pkcs7si *p7sip = NULL; VALUE obj; - MakePKCS7si(obj, p7sip); - + obj = ossl_pkcs7si_new(NULL); + rb_obj_call_init(obj, argc, argv); return obj; @@ -546,14 +497,13 @@ ossl_pkcs7si_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_pkcs7si_initialize(int argc, VALUE *argv, VALUE self) { - ossl_pkcs7si *p7sip = NULL; - PKCS7_SIGNER_INFO *si = NULL; + PKCS7_SIGNER_INFO *p7si = NULL; EVP_PKEY *pkey = NULL; X509 *x509 = NULL; const EVP_MD *md = NULL; VALUE key, cert, digest; - GetPKCS7si_unsafe(self, p7sip); + GetPKCS7si(self, p7si); rb_scan_args(argc, argv, "30", &cert, &key, &digest); 
@@ -561,66 +511,63 @@ ossl_pkcs7si_initialize(int argc, VALUE *argv, VALUE self) OSSL_Check_Type(cert, cX509Certificate); md = ossl_digest_get_EVP_MD(digest); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) != Qtrue) { + if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) { rb_raise(ePKCS7Error, "private key needed!"); } pkey = ossl_pkey_get_EVP_PKEY(key); x509 = ossl_x509_get_X509(cert); - if (!(si = PKCS7_SIGNER_INFO_new())) { + if (!(PKCS7_SIGNER_INFO_set(p7si, x509, pkey, md))) { EVP_PKEY_free(pkey); X509_free(x509); OSSL_Raise(ePKCS7Error, ""); } - if (!(PKCS7_SIGNER_INFO_set(si, x509, pkey, md))) { - EVP_PKEY_free(pkey); - X509_free(x509); - PKCS7_SIGNER_INFO_free(si); - OSSL_Raise(ePKCS7Error, ""); - } EVP_PKEY_free(pkey); X509_free(x509); - p7sip->signer = si; - return self; } static VALUE ossl_pkcs7si_get_name(VALUE self) { - ossl_pkcs7si *p7sip = NULL; + PKCS7_SIGNER_INFO *p7si = NULL; - GetPKCS7si(self, p7sip); + GetPKCS7si(self, p7si); - return ossl_x509name_new(p7sip->signer->issuer_and_serial->issuer); + return ossl_x509name_new(p7si->issuer_and_serial->issuer); } static VALUE ossl_pkcs7si_get_serial(VALUE self) { - ossl_pkcs7si *p7sip = NULL; + PKCS7_SIGNER_INFO *p7si = NULL; - GetPKCS7si(self, p7sip); + GetPKCS7si(self, p7si); - return INT2NUM(ASN1_INTEGER_get(p7sip->signer->issuer_and_serial->serial)); + return INT2NUM(ASN1_INTEGER_get(p7si->issuer_and_serial->serial)); } static VALUE ossl_pkcs7si_get_signed_time(VALUE self) { - ossl_pkcs7si *p7sip = NULL; + PKCS7_SIGNER_INFO *p7si = NULL; ASN1_TYPE *asn1obj = NULL; - GetPKCS7si(self, p7sip); + GetPKCS7si(self, p7si); - if (!(asn1obj = PKCS7_get_signed_attribute(p7sip->signer, NID_pkcs9_signingTime))) { + if (!(asn1obj = PKCS7_get_signed_attribute(p7si, NID_pkcs9_signingTime))) { OSSL_Raise(ePKCS7Error, ""); } if (asn1obj->type == V_ASN1_UTCTIME) return asn1time_to_time(asn1obj->value.utctime); + /* + * OR + * rb_raise(ePKCS7Error, "..."); + * ? + */ return Qnil; } 
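Review bot: ossl_pkcs7si_get_serial returns `INT2NUM(ASN1_INTEGER_get(p7si->issuer_and_serial->serial))`, and ASN1_INTEGER_get can only report values that fit in a `long`; for anything larger it hands back an error value rather than the number. Certificate serials are routinely longer than that, so a signer's serial read this way cannot be matched reliably against a certificate. Converting through a BIGNUM (`ASN1_INTEGER_to_BN`, then the module's BN wrapper, assuming it accepts the result) would keep the full value. ossl_x509_get_serial in ossl_x509.c reads its serial the same way.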
diff --git a/ossl_pkey.c b/ossl_pkey.c index 09e8a59..e45b4cf 100644 --- a/ossl_pkey.c +++ b/ossl_pkey.c @@ -19,6 +19,7 @@ /* * Classes */ +ID id_private_q; VALUE cPKey; VALUE ePKeyError; @@ -56,18 +57,16 @@ ossl_pkey_new(EVP_PKEY *key) } VALUE -ossl_pkey_new_from_file(VALUE path) +ossl_pkey_new_from_file(VALUE filename) { - char *filename = NULL; FILE *fp = NULL; EVP_PKEY *pkey = NULL; VALUE obj; - Check_SafeStr(path); + filename = rb_str_to_str(filename); + Check_SafeStr(filename); - filename = RSTRING(path)->ptr; - - if ((fp = fopen(filename, "r")) == NULL) + if ((fp = fopen(RSTRING(filename)->ptr, "r")) == NULL) rb_raise(ePKeyError, "%s", strerror(errno)); /* @@ -97,6 +96,7 @@ ossl_pkey_get_EVP_PKEY(VALUE obj) ossl_pkey *pkeyp = NULL; OSSL_Check_Type(obj, cPKey); + GetPKey(obj, pkeyp); return pkeyp->get_EVP_PKEY(obj); @@ -120,6 +120,8 @@ ossl_pkey_s_new(int argc, VALUE *argv, VALUE klass) void Init_ossl_pkey(VALUE module) { + id_private_q = rb_intern("private?"); + ePKeyError = rb_define_class_under(module, "PKeyError", rb_eStandardError); cPKey = rb_define_class_under(module, "ANY", rb_cObject); diff --git a/ossl_x509.c b/ossl_x509.c index af97234..da1dc49 100644 --- a/ossl_x509.c +++ b/ossl_x509.c @@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509(obj, x509p) {\ - obj = Data_Make_Struct(cX509Certificate, ossl_x509, 0, ossl_x509_free, x509p);\ -} -#define GetX509_unsafe(obj, x509p) Data_Get_Struct(obj, ossl_x509, x509p) -#define GetX509(obj, x509p) {\ - GetX509_unsafe(obj, x509p);\ - if (!x509p->x509) rb_raise(eX509CertificateError, "not initialized!");\ -} +#define WrapX509(obj, x509) obj = Data_Wrap_Struct(cX509Certificate, 0, X509_free, x509) +#define GetX509(obj, x509) Data_Get_Struct(obj, X509, x509) /* * Classes 
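Review bot: In ossl_pkey_new_from_file, `fopen(RSTRING(filename)->ptr, "r")` treats the path as a C string, so a Ruby string containing a NUL byte is opened under the name that ends at the first NUL, while `Check_SafeStr` was applied to the whole string. If the interpreter API in use has no helper that rejects embedded NULs, an explicit guard before the open closes the gap: `if ((long)strlen(RSTRING(filename)->ptr) != RSTRING(filename)->len) rb_raise(ePKeyError, "path contains NUL");`. ossl_x509_new_from_file in ossl_x509.c opens its path the same way. The function body continues outside this hunk.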
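Review bot: The rewritten `GetX509` in ossl_x509.c is a bare `Data_Get_Struct`, so the "not initialized!" guard is gone and every method now hands the stored pointer to OpenSSL unchecked. That is sound only while every construction path leaves a non-NULL X509 in the object; ossl_x509_initialize passes `&DATA_PTR(self)` to the PEM reader, and whether that pointer survives a failed parse depends on the OpenSSL version, which should be confirmed. I would keep the check inside the macro: `#define GetX509(obj, x509) do { Data_Get_Struct(obj, X509, x509); if (!(x509)) rb_raise(eX509CertificateError, "not initialized!"); } while (0)`. The same applies to the `GetX509Attr` and `GetX509CRL` macros rewritten further down.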
@@ -26,29 +20,11 @@ VALUE cX509Certificate; VALUE eX509CertificateError; /* - * Struct - */ -typedef struct ossl_x509_st { - X509 *x509; -} ossl_x509; - -static void -ossl_x509_free(ossl_x509 *x509p) -{ - if (x509p) { - if(x509p->x509) X509_free(x509p->x509); - x509p->x509 = NULL; - free(x509p); - } -} - -/* - * public functions + * Public */ VALUE ossl_x509_new(X509 *x509) { - ossl_x509 *x509p = NULL; X509 *new = NULL; VALUE obj; @@ -59,8 +35,7 @@ ossl_x509_new(X509 *x509) if (!new) OSSL_Raise(eX509CertificateError, ""); - MakeX509(obj, x509p); - x509p->x509 = new; + WrapX509(obj, new); return obj; } @@ -68,26 +43,26 @@ ossl_x509_new(X509 *x509) VALUE ossl_x509_new_from_file(VALUE filename) { + X509 *x509 = NULL; char *path; FILE *fp; - X509 *cert; - ossl_x509 *x509p = NULL; VALUE obj; + filename = rb_str_to_str(filename); Check_SafeStr(filename); + path = RSTRING(filename)->ptr; - if ((fp = fopen(path, "r")) == NULL) + if (!(fp = fopen(path, "r"))) rb_raise(eX509CertificateError, "%s", strerror(errno)); - cert = PEM_read_X509(fp, NULL, NULL, NULL); + x509 = PEM_read_X509(fp, NULL, NULL, NULL); fclose(fp); - if (!cert) + if (!x509) OSSL_Raise(eX509CertificateError, ""); - MakeX509(obj, x509p); - x509p->x509 = cert; + WrapX509(obj, x509); return obj; } @@ -95,29 +70,27 @@ ossl_x509_new_from_file(VALUE filename) X509 * ossl_x509_get_X509(VALUE obj) { - ossl_x509 *x509p = NULL; - X509 *x509 = NULL; + X509 *x509 = NULL, *new; OSSL_Check_Type(obj, cX509Certificate); - GetX509(obj, x509p); - if (!(x509 = X509_dup(x509p->x509))) { + GetX509(obj, x509); + + if (!(new = X509_dup(x509))) { OSSL_Raise(eX509CertificateError, ""); } - - return x509; + return new; } /* - * private functions + * Private */ static VALUE ossl_x509_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_x509 *x509p = NULL; VALUE obj; - MakeX509(obj, x509p); + obj = ossl_x509_new(NULL); rb_obj_call_init(obj, argc, argv); 
@@ -127,50 +100,40 @@ ossl_x509_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_x509_initialize(int argc, VALUE *argv, VALUE self) { - ossl_x509 *x509p = NULL; - X509 *x509 = NULL; BIO *in = NULL; VALUE buffer; - - GetX509_unsafe(self, x509p); - rb_scan_args(argc, argv, "01", &buffer); - - switch (TYPE(buffer)) { - case T_NIL: - x509 = X509_new(); - break; - default: - buffer = rb_String(buffer); - if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, RSTRING(buffer)->len))) { - OSSL_Raise(eX509CertificateError, ""); - } - x509 = PEM_read_bio_X509(in, NULL, NULL, NULL); - BIO_free(in); - } + if (argc == 0) + return self; - if (!x509) + buffer = rb_String(argv[0]); + + if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, RSTRING(buffer)->len))) { + OSSL_Raise(eX509CertificateError, ""); + } + if (!PEM_read_bio_X509(in, (X509 **)&DATA_PTR(self), NULL, NULL)) { + BIO_free(in); OSSL_Raise(eX509CertificateError, ""); + } + BIO_free(in); - x509p->x509 = x509; - return self; } static VALUE ossl_x509_to_der(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!i2d_X509_bio(out, x509p->x509)) { + if (!i2d_X509_bio(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } @@ -184,17 +147,17 @@ ossl_x509_to_der(VALUE self) static VALUE ossl_x509_to_pem(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!PEM_write_bio_X509(out, x509p->x509)) { + if (!PEM_write_bio_X509(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } 
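Review bot: ossl_x509_initialize parses straight into the live object with `PEM_read_bio_X509(in, (X509 **)&DATA_PTR(self), NULL, NULL)`, reusing the X509 that `new` already allocated. OpenSSL's reuse mode is fragile: depending on the library version a failed parse can leave the existing structure partly overwritten or released, which matters if `initialize` is ever invoked again on an existing certificate. Parsing into a local and swapping on success avoids that: `X509 *x509 = PEM_read_bio_X509(in, NULL, NULL, NULL);` and, once it is non-NULL, `X509_free(DATA_PTR(self)); DATA_PTR(self) = x509;`. The `argc == 0` shortcut also replaces `rb_scan_args`, so surplus arguments are now ignored silently instead of raising. ossl_x509crl_initialize in ossl_x509crl.c has the same shape.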
@@ -208,17 +171,17 @@ ossl_x509_to_pem(VALUE self) static VALUE ossl_x509_to_text(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509(self, x509p); + GetX509(self, x509); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CertificateError, ""); } - if (!X509_print(out, x509p->x509)) { + if (!X509_print(out, x509)) { BIO_free(out); OSSL_Raise(eX509CertificateError, ""); } @@ -235,12 +198,12 @@ ossl_x509_to_text(VALUE self) static VALUE ossl_x509_to_req(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_REQ *req = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(req = X509_to_X509_REQ(x509p->x509, NULL, EVP_md5()))) { + if (!(req = X509_to_X509_REQ(x509, NULL, EVP_md5()))) { OSSL_Raise(eX509CertificateError, ""); } @@ -251,12 +214,12 @@ ossl_x509_to_req(VALUE self) static VALUE ossl_x509_get_version(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; long version = 0; - GetX509(self, x509p); + GetX509(self, x509); - version = X509_get_version(x509p->x509); + version = X509_get_version(x509); return INT2NUM(version+1); } @@ -264,15 +227,15 @@ ossl_x509_get_version(VALUE self) static VALUE ossl_x509_set_version(VALUE self, VALUE version) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; long ver = 0; - GetX509(self, x509p); + GetX509(self, x509); if ((ver = FIX2LONG(version)) <= 0) { rb_raise(eX509CertificateError, "version must be > 0!"); } - if (!X509_set_version(x509p->x509, ver-1)) { + if (!X509_set_version(x509, ver-1)) { OSSL_Raise(eX509CertificateError, ""); } 
@@ -282,13 +245,13 @@ ossl_x509_set_version(VALUE self, VALUE version) static VALUE ossl_x509_get_serial(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_INTEGER *asn1int = NULL; long serial = 0; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1int = X509_get_serialNumber(x509p->x509))) { /* NO DUP - don't free */ + if (!(asn1int = X509_get_serialNumber(x509))) { /* NO DUP - don't free */ OSSL_Raise(eX509CertificateError, ""); } serial = ASN1_INTEGER_get(asn1int); @@ -299,10 +262,10 @@ ossl_x509_get_serial(VALUE self) static VALUE ossl_x509_set_serial(VALUE self, VALUE serial) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_INTEGER *asn1int = NULL; - GetX509(self, x509p); + GetX509(self, x509); if (!(asn1int = ASN1_INTEGER_new())) { OSSL_Raise(eX509CertificateError, ""); @@ -311,7 +274,7 @@ ossl_x509_set_serial(VALUE self, VALUE serial) ASN1_INTEGER_free(asn1int); OSSL_Raise(eX509CertificateError, ""); } - if (!X509_set_serialNumber(x509p->x509, asn1int)) { /* DUPs asn1int - FREE it */ + if (!X509_set_serialNumber(x509, asn1int)) { /* DUPs asn1int - FREE it */ ASN1_INTEGER_free(asn1int); OSSL_Raise(eX509CertificateError, ""); } @@ -323,12 +286,12 @@ ossl_x509_set_serial(VALUE self, VALUE serial) static VALUE ossl_x509_get_subject(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(name = X509_get_subject_name(x509p->x509))) { /* NO DUP - don't free! */ + if (!(name = X509_get_subject_name(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } 
@@ -338,15 +301,14 @@ ossl_x509_get_subject(VALUE self) static VALUE ossl_x509_set_subject(VALUE self, VALUE subject) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(subject, cX509Name); name = ossl_x509name_get_X509_NAME(subject); - if (!X509_set_subject_name(x509p->x509, name)) { /* DUPs name - FREE it */ + if (!X509_set_subject_name(x509, name)) { /* DUPs name - FREE it */ X509_NAME_free(name); OSSL_Raise(eX509CertificateError, ""); } @@ -358,12 +320,12 @@ ossl_x509_set_subject(VALUE self, VALUE subject) static VALUE ossl_x509_get_issuer(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if(!(name = X509_get_issuer_name(x509p->x509))) { /* NO DUP - don't free! */ + if(!(name = X509_get_issuer_name(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -373,15 +335,14 @@ ossl_x509_get_issuer(VALUE self) static VALUE ossl_x509_set_issuer(VALUE self, VALUE issuer) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_NAME *name = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(issuer, cX509Name); name = ossl_x509name_get_X509_NAME(issuer); - if (!X509_set_issuer_name(x509p->x509, name)) { /* DUPs name - FREE it */ + if (!X509_set_issuer_name(x509, name)) { /* DUPs name - FREE it */ X509_NAME_free(name); OSSL_Raise(eX509CertificateError, ""); } @@ -393,12 +354,12 @@ ossl_x509_set_issuer(VALUE self, VALUE issuer) static VALUE ossl_x509_get_not_before(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_UTCTIME *asn1time = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1time = X509_get_notBefore(x509p->x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get_notBefore(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } 
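Review bot: ossl_x509_set_subject drops `OSSL_Check_Type(subject, cX509Name)` and passes the argument straight to `ossl_x509name_get_X509_NAME`, which is safe only if that helper performs the class check itself; its body is not visible in this part of the diff. Without a check, `Data_Get_Struct` would reinterpret any wrapped object as an X509_NAME. ossl_x509_get_X509 and ossl_pkey_get_EVP_PKEY do check internally, but ossl_x509crl_set_issuer still checks before the same call, so the two callers now disagree. I would either confirm the helper checks and drop the call in both places, or keep it here. The same question applies to ossl_x509_set_issuer in the next hunk and to ossl_x509_add_extension with `ossl_x509ext_get_X509_EXTENSION`.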
@@ -408,22 +369,14 @@ ossl_x509_get_not_before(VALUE self) static VALUE ossl_x509_set_not_before(VALUE self, VALUE time) { - ossl_x509 *x509p = NULL; - int intsec = -1; - VALUE sec; + X509 *x509 = NULL; + time_t sec; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) { - rb_raise(eX509CertificateError, "wierd time"); - } - if ((intsec = FIX2INT(sec)) < 0) { - rb_raise(eX509CertificateError, "time < 0???"); - } - if (!ASN1_UTCTIME_set(X509_get_notBefore(x509p->x509), intsec)) { + if (!ASN1_UTCTIME_set(X509_get_notBefore(x509), sec)) { OSSL_Raise(eX509CertificateError, ""); } return time; @@ -432,12 +385,12 @@ ossl_x509_set_not_before(VALUE self, VALUE time) static VALUE ossl_x509_get_not_after(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; ASN1_UTCTIME *asn1time = NULL; - GetX509(self, x509p); + GetX509(self, x509); - if (!(asn1time = X509_get_notAfter(x509p->x509))) { /* NO DUP - don't free! */ + if (!(asn1time = X509_get_notAfter(x509))) { /* NO DUP - don't free! */ OSSL_Raise(eX509CertificateError, ""); } @@ -447,22 +400,14 @@ ossl_x509_get_not_after(VALUE self) static VALUE ossl_x509_set_not_after(VALUE self, VALUE time) { - ossl_x509 *x509p = NULL; - int intsec = -1; - VALUE sec; + X509 *x509 = NULL; + time_t sec; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) { - rb_raise(eX509CertificateError, "wierd time"); - } - if ((intsec = FIX2INT(sec)) < 0) { - rb_raise(eX509CertificateError, "time < 0??"); - } - if (!ASN1_UTCTIME_set(X509_get_notAfter(x509p->x509), FIX2INT(sec))) { + if (!ASN1_UTCTIME_set(X509_get_notAfter(x509), sec)) { OSSL_Raise(eX509CertificateError, ""); } return time; 
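Review bot: ossl_x509_set_not_before now feeds `time_to_time_t(time)` directly to `ASN1_UTCTIME_set`, and the removed `intsec < 0` guard has no visible replacement. UTCTime carries a two-digit year and can only express 1950–2049; whether a value outside that window is rejected or silently wrapped depends on the OpenSSL version, and a wrapped notAfter would change the certificate's validity period. A range check before the call, or `ASN1_TIME_set`, which switches to GeneralizedTime when needed, would make the behaviour explicit. ossl_x509_set_not_after and the CRL setters ossl_x509crl_set_last_update and ossl_x509crl_set_next_update follow the same pattern.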
@@ -471,13 +416,13 @@ ossl_x509_set_not_after(VALUE self, VALUE time) static VALUE ossl_x509_get_public_key(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; VALUE pub_key; - GetX509(self, x509p); + GetX509(self, x509); - if (!(pkey = X509_get_pubkey(x509p->x509))) { /* adds an reference - safe to FREE */ + if (!(pkey = X509_get_pubkey(x509))) { /* adds an reference - safe to FREE */ OSSL_Raise(eX509CertificateError, ""); } pub_key = ossl_pkey_new(pkey); @@ -489,15 +434,14 @@ ossl_x509_get_public_key(VALUE self) static VALUE ossl_x509_set_public_key(VALUE self, VALUE pubk) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; - GetX509(self, x509p); - OSSL_Check_Type(pubk, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(pubk); - if (!X509_set_pubkey(x509p->x509, pkey)) { /* DUPs pkey - FREE it */ + if (!X509_set_pubkey(x509, pkey)) { /* DUPs pkey - FREE it */ EVP_PKEY_free(pkey); OSSL_Raise(eX509CertificateError, ""); } @@ -509,11 +453,12 @@ ossl_x509_set_public_key(VALUE self, VALUE pubk) static VALUE ossl_x509_sign(VALUE self, VALUE key, VALUE digest) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md = NULL; - GetX509(self, x509p); + GetX509(self, x509); + OSSL_Check_Type(key, cPKey); OSSL_Check_Type(digest, cDigest); @@ -524,7 +469,7 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) pkey = ossl_pkey_get_EVP_PKEY(key); md = ossl_digest_get_EVP_MD(digest); - if (!X509_sign(x509p->x509, pkey, md)) { + if (!X509_sign(x509, pkey, md)) { EVP_PKEY_free(pkey); OSSL_Raise(eX509CertificateError, ""); } 
@@ -539,15 +484,15 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) static VALUE ossl_x509_verify(VALUE self, VALUE key) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; int i = 0; - GetX509(self, x509p); - OSSL_Check_Type(key, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(key); - i = X509_verify(x509p->x509, pkey); + + i = X509_verify(x509, pkey); EVP_PKEY_free(pkey); if (i < 0) { @@ -564,16 +509,15 @@ ossl_x509_verify(VALUE self, VALUE key) static VALUE ossl_x509_check_private_key(VALUE self, VALUE key) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; EVP_PKEY *pkey = NULL; VALUE result; - GetX509(self, x509p); - OSSL_Check_Type(key, cPKey); + GetX509(self, x509); pkey = ossl_pkey_get_EVP_PKEY(key); - if (!X509_check_private_key(x509p->x509, pkey)) { + if (!X509_check_private_key(x509, pkey)) { OSSL_Warning("Check private key:"); result = Qfalse; } else @@ -590,14 +534,14 @@ ossl_x509_check_private_key(VALUE self, VALUE key) static VALUE ossl_x509_get_extensions(VALUE self) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; int count = 0, i; X509_EXTENSION *ext = NULL; VALUE ary; - GetX509(self, x509p); + GetX509(self, x509); - count = X509_get_ext_count(x509p->x509); + count = X509_get_ext_count(x509); if (count > 0) ary = rb_ary_new2(count); @@ -605,7 +549,7 @@ ossl_x509_get_extensions(VALUE self) return rb_ary_new(); for (i=0; ix509, i); /* NO DUP - don't free! */ + ext = X509_get_ext(x509, i); /* NO DUP - don't free! */ rb_ary_push(ary, ossl_x509ext_new(ext)); } 
@@ -618,24 +562,24 @@ ossl_x509_get_extensions(VALUE self) static VALUE ossl_x509_set_extensions(VALUE self, VALUE ary) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_EXTENSION *ext = NULL; int i = 0; - GetX509(self, x509p); + GetX509(self, x509); Check_Type(ary, T_ARRAY); for (i=0; ilen; i++) { /* All ary's members should be X509Extension */ OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Extension); } - sk_X509_EXTENSION_pop_free(x509p->x509->cert_info->extensions, X509_EXTENSION_free); - x509p->x509->cert_info->extensions = NULL; + sk_X509_EXTENSION_pop_free(x509->cert_info->extensions, X509_EXTENSION_free); + x509->cert_info->extensions = NULL; for (i=0; ilen; i++) { ext = ossl_x509ext_get_X509_EXTENSION(RARRAY(ary)->ptr[i]); - if (!X509_add_ext(x509p->x509, ext, -1)) { /* DUPs ext - FREE it */ + if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CertificateError, ""); } @@ -648,15 +592,14 @@ ossl_x509_set_extensions(VALUE self, VALUE ary) static VALUE ossl_x509_add_extension(VALUE self, VALUE extension) { - ossl_x509 *x509p = NULL; + X509 *x509 = NULL; X509_EXTENSION *ext = NULL; - GetX509(self, x509p); + GetX509(self, x509); - OSSL_Check_Type(extension, cX509Extension); ext = ossl_x509ext_get_X509_EXTENSION(extension); - if (!X509_add_ext(x509p->x509, ext, -1)) { /* DUPs ext - FREE it */ + if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CertificateError, ""); } diff --git a/ossl_x509attr.c b/ossl_x509attr.c index 66f5a55..67eecd3 100644 --- a/ossl_x509attr.c +++ b/ossl_x509attr.c 
@@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509Attr(obj, attrp) {\ - obj = Data_Make_Struct(cX509Attribute, ossl_x509attr, 0, ossl_x509attr_free, attrp);\ -} - -#define GetX509Attr(obj, attrp) {\ - Data_Get_Struct(obj, ossl_x509attr, attrp);\ - if (!attrp->attribute) rb_raise(eX509AttributeError, "not initialized!");\ -} +#define WrapX509Attr(obj, attr) obj = Data_Wrap_Struct(cX509Attribute, 0, X509_ATTRIBUTE_free, attr) +#define GetX509Attr(obj, attr) Data_Get_Struct(obj, X509_ATTRIBUTE, attr) /* * Classes @@ -26,30 +20,11 @@ VALUE cX509Attribute; VALUE eX509AttributeError; /* - * Struct - */ -typedef struct ossl_x509attr_st { - X509_ATTRIBUTE *attribute; -} ossl_x509attr; - - -static void -ossl_x509attr_free(ossl_x509attr *attrp) -{ - if (attrp) { - if (attrp->attribute) X509_ATTRIBUTE_free(attrp->attribute); - attrp->attribute = NULL; - free(attrp); - } -} - -/* - * public + * Public */ VALUE ossl_x509attr_new(X509_ATTRIBUTE *attr) { - ossl_x509attr *attrp = NULL; X509_ATTRIBUTE *new = NULL; VALUE obj; @@ -59,9 +34,8 @@ ossl_x509attr_new(X509_ATTRIBUTE *attr) if (!new) OSSL_Raise(eX509AttributeError, ""); - - MakeX509Attr(obj, attrp); - attrp->attribute = new; + + WrapX509Attr(obj, new); return obj; } @@ -69,25 +43,25 @@ ossl_x509attr_new(X509_ATTRIBUTE *attr) X509_ATTRIBUTE * ossl_x509attr_get_X509_ATTRIBUTE(VALUE obj) { - ossl_x509attr *attrp = NULL; - X509_ATTRIBUTE *attr = NULL; + X509_ATTRIBUTE *attr = NULL, *new; - OSSL_Check_Type(obj, cX509Attribute); - GetX509Attr(obj, attrp); + OSSL_Check_Type(obj, cX509Attribute); + + GetX509Attr(obj, attr); - if (!(attr = X509_ATTRIBUTE_dup(attrp->attribute))) + if (!(new = X509_ATTRIBUTE_dup(attr))) { OSSL_Raise(eX509AttributeError, ""); - - return attr; + } + + return new; } /* - * private + * Private */ static VALUE ossl_x509attr_s_new_from_array(VALUE klass, VALUE ary) { - ossl_x509attr *attrp = NULL; X509_ATTRIBUTE *attr = NULL; int nid = NID_undef; VALUE item, obj; 
@@ -112,8 +86,7 @@ ossl_x509attr_s_new_from_array(VALUE klass, VALUE ary) if (!(attr = X509_ATTRIBUTE_create(nid, MBSTRING_ASC, RSTRING(item)->ptr))) OSSL_Raise(eX509AttributeError, ""); - MakeX509Attr(obj, attrp); - attrp->attribute = attr; + WrapX509Attr(obj, attr); return obj; } diff --git a/ossl_x509crl.c b/ossl_x509crl.c index f001053..dccc021 100644 --- a/ossl_x509crl.c +++ b/ossl_x509crl.c @@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509CRL(obj, crlp) {\ - obj = Data_Make_Struct(cX509CRL, ossl_x509crl, 0, ossl_x509crl_free, crlp);\ -} -#define GetX509CRL_unsafe(obj, crlp) Data_Get_Struct(obj, ossl_x509crl, crlp) -#define GetX509CRL(obj, crlp) {\ - GetX509CRL_unsafe(obj, crlp);\ - if (!crlp->crl) rb_raise(eX509CRLError, "not initialized!");\ -} +#define WrapX509CRL(obj, crl) obj = Data_Wrap_Struct(cX509CRL, 0, X509_CRL_free, crl) +#define GetX509CRL(obj, crl) Data_Get_Struct(obj, X509_CRL, crl) /* * Classes @@ -25,41 +19,23 @@ VALUE cX509CRL; VALUE eX509CRLError; -/* - * Struct - */ -typedef struct ossl_x509crl_st { - X509_CRL *crl; -} ossl_x509crl; - -static void -ossl_x509crl_free(ossl_x509crl *crlp) -{ - if (crlp) { - if (crlp->crl) X509_CRL_free(crlp->crl); - crlp->crl = NULL; - free(crlp); - } -} - /* * PUBLIC */ X509_CRL * ossl_x509crl_get_X509_CRL(VALUE obj) { - ossl_x509crl *crlp = NULL; - X509_CRL *crl = NULL; + X509_CRL *crl = NULL, *new; OSSL_Check_Type(obj, cX509CRL); - GetX509CRL(obj, crlp); + GetX509CRL(obj, crl); - if (!(crl = X509_CRL_dup(crlp->crl))) { + if (!(new = X509_CRL_dup(crl))) { OSSL_Raise(eX509CRLError, ""); } - return crl; + return new; } /* @@ -68,11 +44,15 @@ ossl_x509crl_get_X509_CRL(VALUE obj) static VALUE ossl_x509crl_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; VALUE obj; - MakeX509CRL(obj, crlp); - + if (!(crl = X509_CRL_new())) { + OSSL_Raise(eX509CRLError, ""); + } + + WrapX509CRL(obj, crl); + rb_obj_call_init(obj, argc, argv); return obj; 
@@ -81,44 +61,35 @@ ossl_x509crl_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_x509crl_initialize(int argc, VALUE *argv, VALUE self) { - ossl_x509crl *crlp = NULL; - X509_CRL *crl = NULL; BIO *in = NULL; VALUE buffer; - GetX509CRL_unsafe(self, crlp); + if (argc == 0) + return self; - rb_scan_args(argc, argv, "01", &buffer); - - switch (TYPE(buffer)) { - case T_NIL: - crl = X509_CRL_new(); - break; - default: - buffer = rb_String(buffer); - if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, -1))) { - OSSL_Raise(eX509CRLError, ""); - } - crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); - BIO_free(in); + buffer = rb_String(argv[0]); + + if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, -1))) { + OSSL_Raise(eX509CRLError, ""); } - if (!crl) + if (!PEM_read_bio_X509_CRL(in, (X509_CRL **)&DATA_PTR(self), NULL, NULL)) { + BIO_free(in); OSSL_Raise(eX509CRLError, ""); - - crlp->crl = crl; - + } + BIO_free(in); + return self; } static VALUE ossl_x509crl_get_version(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; long ver = 0; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - ver = ASN1_INTEGER_get(crlp->crl->crl->version); + ver = ASN1_INTEGER_get(crl->crl->version); return INT2NUM(ver); } @@ -126,10 +97,10 @@ ossl_x509crl_get_version(VALUE self) static VALUE ossl_x509crl_set_version(VALUE self, VALUE version) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; ASN1_INTEGER *asn1int = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); if (!(asn1int = ASN1_INTEGER_new())) { OSSL_Raise(eX509CRLError, ""); @@ -138,8 +109,8 @@ ossl_x509crl_set_version(VALUE self, VALUE version) OSSL_Raise(eX509CRLError, ""); } - ASN1_INTEGER_free(crlp->crl->crl->version); - crlp->crl->crl->version = asn1int; + ASN1_INTEGER_free(crl->crl->version); + crl->crl->version = asn1int; return version; } 
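Review bot: ossl_x509crl_initialize builds its BIO with `BIO_new_mem_buf(RSTRING(buffer)->ptr, -1)`, which makes OpenSSL take the length from `strlen`, whereas ossl_x509_initialize passes `RSTRING(buffer)->len`. With -1 the input is cut at the first NUL byte, and the extent of the read depends on the Ruby buffer being NUL-terminated rather than on the string's own length. `BIO_new_mem_buf(RSTRING(buffer)->ptr, RSTRING(buffer)->len)` bounds the read to the string and matches the certificate code.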
@@ -147,25 +118,25 @@ ossl_x509crl_set_version(VALUE self, VALUE version) static VALUE ossl_x509crl_get_issuer(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - return ossl_x509name_new(crlp->crl->crl->issuer); + return ossl_x509name_new(crl->crl->issuer); } static VALUE ossl_x509crl_set_issuer(VALUE self, VALUE issuer) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; X509_NAME *name = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); OSSL_Check_Type(issuer, cX509Name); name = ossl_x509name_get_X509_NAME(issuer); - if (!X509_NAME_set(&(crlp->crl->crl->issuer), name)) { /* DUPs name - FREE it */ + if (!X509_NAME_set(&(crl->crl->issuer), name)) { /* DUPs name - FREE it */ X509_NAME_free(name); OSSL_Raise(eX509CRLError, ""); } @@ -177,28 +148,24 @@ ossl_x509crl_set_issuer(VALUE self, VALUE issuer) static VALUE ossl_x509crl_get_last_update(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - return asn1time_to_time(crlp->crl->crl->lastUpdate); + return asn1time_to_time(crl->crl->lastUpdate); } static VALUE ossl_x509crl_set_last_update(VALUE self, VALUE time) { - ossl_x509crl *crlp = NULL; - VALUE sec; + X509_CRL *crl = NULL; + time_t sec; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) - rb_raise(eX509CRLError, "wierd time"); - - if (!ASN1_UTCTIME_set(crlp->crl->crl->lastUpdate, FIX2INT(sec))) { + if (!ASN1_UTCTIME_set(crl->crl->lastUpdate, sec)) { OSSL_Raise(eX509CRLError, ""); } 
@@ -208,28 +175,24 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time) static VALUE ossl_x509crl_get_next_update(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - return asn1time_to_time(crlp->crl->crl->nextUpdate); + return asn1time_to_time(crl->crl->nextUpdate); } static VALUE ossl_x509crl_set_next_update(VALUE self, VALUE time) { - ossl_x509crl *crlp = NULL; - VALUE sec; + X509_CRL *crl = NULL; + time_t sec; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - OSSL_Check_Type(time, rb_cTime); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) - rb_raise(eX509CRLError, "wierd time"); - - if (!ASN1_UTCTIME_set(crlp->crl->crl->nextUpdate, FIX2INT(sec))) { + if (!ASN1_UTCTIME_set(crl->crl->nextUpdate, sec)) { OSSL_Raise(eX509CRLError, ""); } @@ -239,14 +202,14 @@ ossl_x509crl_set_next_update(VALUE self, VALUE time) static VALUE ossl_x509crl_get_revoked(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; int i, num = 0; X509_REVOKED *rev = NULL; VALUE ary, revoked; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - num = sk_X509_CRL_num(crlp->crl->crl->revoked); + num = sk_X509_CRL_num(crl->crl->revoked); if (num < 0) return rb_ary_new(); @@ -254,7 +217,7 @@ ossl_x509crl_get_revoked(VALUE self) ary = rb_ary_new2(num); for(i=0; icrl->crl->revoked, i); /* NO DUP - don't free! */ + rev = (X509_REVOKED *)sk_X509_CRL_value(crl->crl->revoked, i); /* NO DUP - don't free! */ revoked = ossl_x509revoked_new(rev); rb_ary_push(ary, revoked); } 
@@ -265,29 +228,29 @@ ossl_x509crl_get_revoked(VALUE self) static VALUE ossl_x509crl_set_revoked(VALUE self, VALUE ary) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; X509_REVOKED *rev = NULL; int i; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); Check_Type(ary, T_ARRAY); for (i=0; ilen; i++) { /* All ary members should be X509 Revoked */ OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Revoked); } - sk_X509_REVOKED_pop_free(crlp->crl->crl->revoked, X509_REVOKED_free); - crlp->crl->crl->revoked = NULL; - M_ASN1_New(crlp->crl->crl->revoked, sk_X509_REVOKED_new_null); + sk_X509_REVOKED_pop_free(crl->crl->revoked, X509_REVOKED_free); + crl->crl->revoked = NULL; + M_ASN1_New(crl->crl->revoked, sk_X509_REVOKED_new_null); for (i=0; ilen; i++) { rev = ossl_x509revoked_get_X509_REVOKED(RARRAY(ary)->ptr[i]); - if (!sk_X509_CRL_push(crlp->crl->crl->revoked, rev)) { /* NO DUP - don't free! */ + if (!sk_X509_CRL_push(crl->crl->revoked, rev)) { /* NO DUP - don't free! */ OSSL_Raise(eX509CRLError, ""); } } - sk_X509_REVOKED_sort(crlp->crl->crl->revoked); + sk_X509_REVOKED_sort(crl->crl->revoked); return ary; } @@ -295,18 +258,18 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) static VALUE ossl_x509crl_add_revoked(VALUE self, VALUE revoked) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; X509_REVOKED *rev = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); OSSL_Check_Type(revoked, cX509Revoked); rev = ossl_x509revoked_get_X509_REVOKED(revoked); - if (!sk_X509_CRL_push(crlp->crl->crl->revoked, rev)) { /* NO DUP - don't free! */ + if (!sk_X509_CRL_push(crl->crl->revoked, rev)) { /* NO DUP - don't free! */ OSSL_Raise(eX509CRLError, ""); } - sk_X509_REVOKED_sort(crlp->crl->crl->revoked); + sk_X509_REVOKED_sort(crl->crl->revoked); return revoked; } 
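Review bot: ossl_x509crl_set_revoked releases the current list with `sk_X509_REVOKED_pop_free` before the replacement is built, so a failure inside the second loop leaves the CRL holding only part of the new list and none of the old one, i.e. a CRL that lists fewer revocations than intended. Building the new stack first and swapping it in only once it is complete keeps the object intact on error; the fence below also frees `rev` when the push fails, on the assumption that ossl_x509revoked_get_X509_REVOKED returns an owned copy, and uses the `sk_X509_REVOKED_*` accessors throughout instead of `sk_X509_CRL_push`. The loop headers are damaged on this page, so the bound in the fence is my reading of them. ossl_x509_set_extensions and ossl_x509crl_set_extensions clear their extension lists before refilling them in the same way.

```c
    STACK_OF(X509_REVOKED) *fresh;

    /* … unchanged: GetX509CRL, Check_Type and the per-element OSSL_Check_Type loop … */

    if (!(fresh = sk_X509_REVOKED_new_null())) {
        OSSL_Raise(eX509CRLError, "");
    }
    for (i = 0; i < RARRAY(ary)->len; i++) {
        rev = ossl_x509revoked_get_X509_REVOKED(RARRAY(ary)->ptr[i]);

        if (!sk_X509_REVOKED_push(fresh, rev)) { /* NO DUP - stack owns rev on success */
            X509_REVOKED_free(rev);
            sk_X509_REVOKED_pop_free(fresh, X509_REVOKED_free);
            OSSL_Raise(eX509CRLError, "");
        }
    }
    /* replace the old list only after the new one is complete */
    sk_X509_REVOKED_pop_free(crl->crl->revoked, X509_REVOKED_free);
    crl->crl->revoked = fresh;
    sk_X509_REVOKED_sort(crl->crl->revoked);
```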
@@ -314,23 +277,23 @@ ossl_x509crl_add_revoked(VALUE self, VALUE revoked) static VALUE ossl_x509crl_sign(VALUE self, VALUE key, VALUE digest) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); OSSL_Check_Type(key, cPKey); OSSL_Check_Type(digest, cDigest); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) == Qfalse) { + if (rb_funcall(key, id_private_q, 0, NULL) == Qfalse) { rb_raise(eX509CRLError, "PRIVATE key needed to sign CRL!"); } pkey = ossl_pkey_get_EVP_PKEY(key); md = ossl_digest_get_EVP_MD(digest); - if (!X509_CRL_sign(crlp->crl, pkey, md)) { + if (!X509_CRL_sign(crl, pkey, md)) { EVP_PKEY_free(pkey); OSSL_Raise(eX509CRLError, ""); } @@ -342,16 +305,16 @@ ossl_x509crl_sign(VALUE self, VALUE key, VALUE digest) static VALUE ossl_x509crl_verify(VALUE self, VALUE key) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; EVP_PKEY *pkey = NULL; int result = 0; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); OSSL_Check_Type(key, cPKey); pkey = ossl_pkey_get_EVP_PKEY(key); - result = X509_CRL_verify(crlp->crl, pkey); + result = X509_CRL_verify(crl, pkey); EVP_PKEY_free(pkey); if (result == 1) return Qtrue; @@ -361,17 +324,17 @@ ossl_x509crl_verify(VALUE self, VALUE key) static VALUE ossl_x509crl_to_pem(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CRLError, ""); } - if (!PEM_write_bio_X509_CRL(out, crlp->crl)) { + if (!PEM_write_bio_X509_CRL(out, crl)) { BIO_free(out); OSSL_Raise(eX509CRLError, ""); } 
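Review bot: The private-key guard in ossl_x509crl_sign is `rb_funcall(key, id_private_q, 0, NULL) == Qfalse`, so any other return value, `nil` included, lets the key through, whereas the PKCS7 code touched by this commit tests `!= Qtrue`. Since the line is being edited anyway, `if (rb_funcall(key, id_private_q, 0, NULL) != Qtrue) {` would make the check fail closed and consistent with the other callers. The function ends outside this hunk.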
@@ -385,17 +348,17 @@ ossl_x509crl_to_pem(VALUE self) static VALUE ossl_x509crl_to_text(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509CRLError, ""); } - if (!X509_CRL_print(out, crlp->crl)) { + if (!X509_CRL_print(out, crl)) { BIO_free(out); OSSL_Raise(eX509CRLError, ""); } @@ -412,14 +375,14 @@ ossl_x509crl_to_text(VALUE self) static VALUE ossl_x509crl_get_extensions(VALUE self) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; int count = 0, i; X509_EXTENSION *ext = NULL; VALUE ary; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); - count = X509_CRL_get_ext_count(crlp->crl); + count = X509_CRL_get_ext_count(crl); if (count > 0) ary = rb_ary_new2(count); @@ -427,7 +390,7 @@ ossl_x509crl_get_extensions(VALUE self) return rb_ary_new(); for (i=0; icrl, i); /* NO DUP - don't free! */ + ext = X509_CRL_get_ext(crl, i); /* NO DUP - don't free! */ rb_ary_push(ary, ossl_x509ext_new(ext)); } @@ -440,24 +403,24 @@ ossl_x509crl_get_extensions(VALUE self) static VALUE ossl_x509crl_set_extensions(VALUE self, VALUE ary) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; X509_EXTENSION *ext = NULL; int i = 0; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); Check_Type(ary, T_ARRAY); for (i=0; ilen; i++) { /* All ary members should be X509 Extensions */ OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Extension); } - sk_X509_EXTENSION_pop_free(crlp->crl->crl->extensions, X509_EXTENSION_free); - crlp->crl->crl->extensions = NULL; + sk_X509_EXTENSION_pop_free(crl->crl->extensions, X509_EXTENSION_free); + crl->crl->extensions = NULL; for (i=0; ilen; i++) { ext = ossl_x509ext_get_X509_EXTENSION(RARRAY(ary)->ptr[i]); - if(!X509_CRL_add_ext(crlp->crl, ext, -1)) { /* DUPs ext - FREE it */ + if(!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CRLError, ""); } 
@@ -470,15 +433,15 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary) static VALUE ossl_x509crl_add_extension(VALUE self, VALUE extension) { - ossl_x509crl *crlp = NULL; + X509_CRL *crl = NULL; X509_EXTENSION *ext = NULL; - GetX509CRL(self, crlp); + GetX509CRL(self, crl); OSSL_Check_Type(extension, cX509Extension); ext = ossl_x509ext_get_X509_EXTENSION(extension); - if(!X509_CRL_add_ext(crlp->crl, ext, -1)) { /* DUPs ext - FREE it */ + if (!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */ X509_EXTENSION_free(ext); OSSL_Raise(eX509CRLError, ""); } diff --git a/ossl_x509ext.c b/ossl_x509ext.c index 484331d..05f59b9 100644 --- a/ossl_x509ext.c +++ b/ossl_x509ext.c @@ -10,19 +10,11 @@ */ #include "ossl.h" -#define MakeX509Ext(obj, extp) {\ - obj = Data_Make_Struct(cX509Extension, ossl_x509ext, 0, ossl_x509ext_free, extp);\ -} -#define GetX509Ext(obj, extp) {\ - Data_Get_Struct(obj, ossl_x509ext, extp);\ - if (!extp->extension) rb_raise(eX509ExtensionError, "not initialized!");\ -} +#define WrapX509Ext(obj, ext) obj = Data_Wrap_Struct(cX509Extension, 0, X509_EXTENSION_free, ext) +#define GetX509Ext(obj, ext) Data_Get_Struct(obj, X509_EXTENSION, ext) -#define MakeX509ExtFactory(obj, extfactoryp) {\ - obj = Data_Make_Struct(cX509ExtensionFactory, ossl_x509extfactory, 0, ossl_x509extfactory_free, extfactoryp);\ -} -#define GetX509ExtFactory(obj, extfactoryp) \ - Data_Get_Struct(obj, ossl_x509extfactory, extfactoryp) +#define MakeX509ExtFactory(obj, extfactoryp) obj = Data_Make_Struct(cX509ExtensionFactory, ossl_x509extfactory, 0, ossl_x509extfactory_free, extfactoryp) +#define GetX509ExtFactory(obj, extfactoryp) Data_Get_Struct(obj, ossl_x509extfactory, extfactoryp) /* * Classes 
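Review bot: The rewritten `GetX509Ext` is a bare `Data_Get_Struct`, so the old "not initialized!" guard is gone and every accessor passes the wrapped pointer straight to OpenSSL; `GetX509Name`, `GetX509Req` and `GetX509Revoked` later in this patch change the same way. That is sound only while no object can ever hold a NULL data pointer, which the visible constructors ensure by testing `new` before calling the `Wrap…` macro. Record that invariant beside the macros, for example `/* DATA_PTR is never NULL: every Wrap* caller checks the pointer first */`. Alternatively keep a cheap `if (!ext) rb_raise(eX509ExtensionError, "not initialized!");` in the getter so a future constructor that forgets the check fails with an exception rather than a NULL dereference.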
@@ -34,25 +26,11 @@ VALUE eX509ExtensionError; /* * Structs */ -typedef struct ossl_x509ext_st { - X509_EXTENSION *extension; -} ossl_x509ext; - typedef struct ossl_x509extfactory_st { X509V3_CTX ctx; } ossl_x509extfactory; -static void -ossl_x509ext_free(ossl_x509ext *extp) -{ - if (extp) { - if (extp->extension) X509_EXTENSION_free(extp->extension); - extp->extension = NULL; - free(extp); - } -} - static void ossl_x509extfactory_free(ossl_x509extfactory *extfactoryp) { @@ -67,7 +45,6 @@ ossl_x509extfactory_free(ossl_x509extfactory *extfactoryp) VALUE ossl_x509ext_new(X509_EXTENSION *ext) { - ossl_x509ext *extp = NULL; X509_EXTENSION *new = NULL; VALUE obj; @@ -78,8 +55,7 @@ ossl_x509ext_new(X509_EXTENSION *ext) if (!new) OSSL_Raise(eX509ExtensionError, ""); - MakeX509Ext(obj, extp); - extp->extension = new; + WrapX509Ext(obj, new); return obj; } @@ -87,12 +63,17 @@ ossl_x509ext_new(X509_EXTENSION *ext) X509_EXTENSION * ossl_x509ext_get_X509_EXTENSION(VALUE obj) { - ossl_x509ext *extp = NULL; + X509_EXTENSION *ext = NULL, *new; - OSSL_Check_Type(obj, cX509Extension); - GetX509Ext(obj, extp); + OSSL_Check_Type(obj, cX509Extension); + + GetX509Ext(obj, ext); - return X509_EXTENSION_dup(extp->extension); + if (!(new = X509_EXTENSION_dup(ext))) { + OSSL_Raise(eX509ExtensionError, ""); + } + + return new; } /* @@ -204,11 +185,10 @@ static VALUE ossl_x509extfactory_create_ext_from_array(VALUE self, VALUE ary) { ossl_x509extfactory *extfactoryp = NULL; - ossl_x509ext *extp = NULL; X509_EXTENSION *ext = NULL; int nid = NID_undef; char *value = NULL; - VALUE item,obj; + VALUE item, obj; GetX509ExtFactory(self, extfactoryp); @@ -217,9 +197,6 @@ ossl_x509extfactory_create_ext_from_array(VALUE self, VALUE ary) if ((RARRAY(ary)->len) < 2 || (RARRAY(ary)->len > 3)) { /*2 or 3 allowed*/ rb_raise(eX509ExtensionError, "unsupported structure"); } - if (!(ext = X509_EXTENSION_new())) { - OSSL_Raise(eX509ExtensionError, ""); - } /* key [0] */ item = RARRAY(ary)->ptr[0]; 
@@ -249,8 +226,7 @@ ossl_x509extfactory_create_ext_from_array(VALUE self, VALUE ary) } free(value); - MakeX509Ext(obj, extp); - extp->extension = ext; + WrapX509Ext(obj, ext); return obj; } @@ -261,23 +237,23 @@ ossl_x509extfactory_create_ext_from_array(VALUE self, VALUE ary) static VALUE ossl_x509ext_to_a(VALUE obj) { - ossl_x509ext *extp = NULL; + X509_EXTENSION *ext = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; int nid = NID_undef, critical; VALUE ary, value; - GetX509Ext(obj, extp); + GetX509Ext(obj, ext); ary = rb_ary_new2(3); - nid = OBJ_obj2nid(X509_EXTENSION_get_object(extp->extension)); + nid = OBJ_obj2nid(X509_EXTENSION_get_object(ext)); rb_ary_push(ary, rb_str_new2(OBJ_nid2sn(nid))); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509ExtensionError, ""); } - if (!X509V3_EXT_print(out, extp->extension, 0, 0)) { + if (!X509V3_EXT_print(out, ext, 0, 0)) { BIO_free(out); OSSL_Raise(eX509ExtensionError, ""); } @@ -288,7 +264,7 @@ ossl_x509ext_to_a(VALUE obj) rb_funcall(value, rb_intern("tr!"), 2, rb_str_new2("\n"), rb_str_new2(",")); rb_ary_push(ary, value); - critical = X509_EXTENSION_get_critical(extp->extension); + critical = X509_EXTENSION_get_critical(ext); rb_ary_push(ary, (critical) ? Qtrue : Qfalse); return ary; diff --git a/ossl_x509name.c b/ossl_x509name.c index d64b74f..905aa5d 100644 --- a/ossl_x509name.c +++ b/ossl_x509name.c @@ -11,13 +11,8 @@ #include "ossl.h" #include "st.h" /* For st_foreach -- ST_CONTINUE */ -#define MakeX509Name(obj, namep) {\ - obj = Data_Make_Struct(cX509Name, ossl_x509name, 0, ossl_x509name_free, namep);\ -} -#define GetX509Name(obj, namep) {\ - Data_Get_Struct(obj, ossl_x509name, namep);\ - if (!namep->name) rb_raise(eX509NameError, "not initialized!");\ -} +#define WrapX509Name(obj, name) obj = Data_Wrap_Struct(cX509Name, 0, X509_NAME_free, name) +#define GetX509Name(obj, name) Data_Get_Struct(obj, X509_NAME, name) /* * Classes 
@@ -25,31 +20,12 @@ VALUE cX509Name; VALUE eX509NameError; -/* - * Struct - */ -typedef struct ossl_x509name_st { - X509_NAME *name; -} ossl_x509name; - - -static void -ossl_x509name_free(ossl_x509name *namep) -{ - if (namep) { - if (namep->name) X509_NAME_free(namep->name); - namep->name = NULL; - free(namep); - } -} - /* * Public */ VALUE ossl_x509name_new(X509_NAME *name) { - ossl_x509name *namep = NULL; X509_NAME *new = NULL; VALUE obj; @@ -60,8 +36,7 @@ ossl_x509name_new(X509_NAME *name) if (!new) OSSL_Raise(eX509NameError, ""); - MakeX509Name(obj, namep); - namep->name = new; + WrapX509Name(obj, new); return obj; } @@ -69,12 +44,17 @@ ossl_x509name_new(X509_NAME *name) X509_NAME * ossl_x509name_get_X509_NAME(VALUE obj) { - ossl_x509name *namep = NULL; + X509_NAME *name = NULL, *new; - OSSL_Check_Type(obj, cX509Name); - GetX509Name(obj, namep); + OSSL_Check_Type(obj, cX509Name); + + GetX509Name(obj, name); - return X509_NAME_dup(namep->name); + if (!(new = X509_NAME_dup(name))) { + OSSL_Raise(eX509NameError, ""); + } + + return new; } /* @@ -94,11 +74,11 @@ ossl_x509name_hash_i(VALUE key, VALUE value, X509_NAME *name) if (!(id = OBJ_ln2nid(RSTRING(key)->ptr))) if (!(id = OBJ_sn2nid(RSTRING(key)->ptr))) { X509_NAME_free(name); - OSSL_Raise(eX509NameError, "OBJ_...2nid:"); + OSSL_Raise(eX509NameError, "OBJ_name2nid:"); } - + type = ASN1_PRINTABLE_type(RSTRING(value)->ptr, -1); - + if (!X509_NAME_add_entry_by_NID(name, id, type, RSTRING(value)->ptr, RSTRING(value)->len, -1, 0)) { X509_NAME_free(name); OSSL_Raise(eX509NameError, ""); @@ -110,7 +90,6 @@ ossl_x509name_hash_i(VALUE key, VALUE value, X509_NAME *name) static VALUE ossl_x509name_s_new_from_hash(VALUE klass, VALUE hash) { - ossl_x509name *namep = NULL; X509_NAME *name = NULL; VALUE obj; 
@@ -120,31 +99,35 @@ ossl_x509name_s_new_from_hash(VALUE klass, VALUE hash) OSSL_Raise(eX509NameError, ""); st_foreach(RHASH(hash)->tbl, ossl_x509name_hash_i, name); - - MakeX509Name(obj, namep); - namep->name = name; - + + WrapX509Name(obj, name); + return obj; } static VALUE ossl_x509name_to_h(VALUE self) { - ossl_x509name *namep = NULL; + X509_NAME *name = NULL; X509_NAME_ENTRY *entry = NULL; int i,entries = 0; char long_name[512]; const char *short_name = NULL; VALUE hash; - GetX509Name(self, namep); + GetX509Name(self, name); - entries = X509_NAME_entry_count(namep->name); + entries = X509_NAME_entry_count(name); hash = rb_hash_new(); + if (entries < 0) { + rb_warning("name entries < 0!"); + return hash; + } + for (i=0; iname, i))) { + if (!(entry = X509_NAME_get_entry(name, i))) { OSSL_Raise(eX509NameError, ""); } if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) { diff --git a/ossl_x509req.c b/ossl_x509req.c index 04ca6c0..2a43542 100644 --- a/ossl_x509req.c +++ b/ossl_x509req.c @@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509Req(obj, reqp) {\ - obj = Data_Make_Struct(cX509Request, ossl_x509req, 0, ossl_x509req_free, reqp);\ -} -#define GetX509Req_unsafe(obj, reqp) Data_Get_Struct(obj, ossl_x509req, reqp) -#define GetX509Req(obj, reqp) {\ - GetX509Req_unsafe(obj, reqp);\ - if (!reqp->request) rb_raise(eX509RequestError, "not initialized!");\ -} +#define WrapX509Req(obj, req) obj = Data_Wrap_Struct(cX509Request, 0, X509_REQ_free, req) +#define GetX509Req(obj, req) Data_Get_Struct(obj, X509_REQ, req) /* * Classes 
@@ -25,31 +19,12 @@ VALUE cX509Request; VALUE eX509RequestError; -/* - * Struct - */ -typedef struct ossl_x509req_st { - X509_REQ *request; -} ossl_x509req; - - -static void -ossl_x509req_free(ossl_x509req *reqp) -{ - if(reqp) { - if(reqp->request) X509_REQ_free(reqp->request); - reqp->request = NULL; - free(reqp); - } -} - /* * Public functions */ VALUE ossl_x509req_new(X509_REQ *req) { - ossl_x509req *reqp = NULL; X509_REQ *new = NULL; VALUE self; @@ -60,8 +35,7 @@ ossl_x509req_new(X509_REQ *req) if (!new) OSSL_Raise(eX509RequestError, ""); - MakeX509Req(self, reqp); - reqp->request = new; + WrapX509Req(self, new); return self; } @@ -69,18 +43,17 @@ ossl_x509req_new(X509_REQ *req) X509_REQ * ossl_x509req_get_X509_REQ(VALUE obj) { - ossl_x509req *reqp = NULL; - X509_REQ *req = NULL; + X509_REQ *req = NULL, *new; OSSL_Check_Type(obj, cX509Request); - GetX509Req(obj, reqp); + GetX509Req(obj, req); - if (!(req = X509_REQ_dup(reqp->request))) { + if (!(new = X509_REQ_dup(req))) { OSSL_Raise(eX509RequestError, ""); } - return req; + return new; } /* @@ -89,11 +62,10 @@ ossl_x509req_get_X509_REQ(VALUE obj) static VALUE ossl_x509req_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_x509req *reqp = NULL; VALUE obj; - MakeX509Req(obj, reqp); - + obj = ossl_x509req_new(NULL); + rb_obj_call_init(obj, argc, argv); return obj; 
@@ -102,31 +74,21 @@ ossl_x509req_s_new(int argc, VALUE *argv, VALUE klass) static VALUE ossl_x509req_initialize(int argc, VALUE *argv, VALUE self) { - ossl_x509req *reqp = NULL; - X509_REQ *req = NULL; BIO *in = NULL; VALUE buffer; - - GetX509Req_unsafe(self, reqp); - - rb_scan_args(argc, argv, "01", &buffer); - - switch (TYPE(buffer)) { - case T_NIL: - req = X509_REQ_new(); - break; - default: - buffer = rb_String(buffer); - if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, -1))) { - OSSL_Raise(eX509RequestError, ""); - } - req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL); - BIO_free(in); + + if (argc == 0) + return self; + + buffer = rb_String(argv[0]); + if (!(in = BIO_new_mem_buf(RSTRING(buffer)->ptr, -1))) { + OSSL_Raise(eX509RequestError, ""); } - if (!req) + if (!PEM_read_bio_X509_REQ(in, (X509_REQ **)&DATA_PTR(self), NULL, NULL)) { + BIO_free(in); OSSL_Raise(eX509RequestError, ""); - - reqp->request = req; + } + BIO_free(in); return self; } @@ -134,17 +96,17 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self) static VALUE ossl_x509req_to_pem(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509Req(self, reqp); + GetX509Req(self, req); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509RequestError, ""); } - if (!PEM_write_bio_X509_REQ(out, reqp->request)) { + if (!PEM_write_bio_X509_REQ(out, req)) { BIO_free(out); OSSL_Raise(eX509RequestError, ""); } @@ -158,17 +120,17 @@ ossl_x509req_to_pem(VALUE self) static VALUE ossl_x509req_to_text(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; BIO *out = NULL; BUF_MEM *buf = NULL; VALUE str; - GetX509Req(self, reqp); + GetX509Req(self, req); if (!(out = BIO_new(BIO_s_mem()))) { OSSL_Raise(eX509RequestError, ""); } - if (!X509_REQ_print(out, reqp->request)) { + if (!X509_REQ_print(out, req)) { BIO_free(out); OSSL_Raise(eX509RequestError, ""); } 
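Review bot: `ossl_x509req_initialize` parses untrusted PEM directly into the live object through `PEM_read_bio_X509_REQ(in, (X509_REQ **)&DATA_PTR(self), NULL, NULL)`, which relies on OpenSSL's structure-reuse mode. When parsing fails in that mode the reused structure may be left partly filled, or freed with the slot cleared, depending on the OpenSSL version, and `GetX509Req` no longer rejects a NULL pointer. Parsing into a temporary and swapping it in only on success, as in the fence below, keeps the wrapper valid whether `initialize` fails or is called a second time. The buffer is also handed over with length `-1`, so a string containing an embedded NUL is silently truncated; passing `RSTRING(buffer)->len` to `BIO_new_mem_buf` avoids that.

```c
    X509_REQ *req = NULL;
    /* ... unchanged: argc check, rb_String(), BIO_new_mem_buf() ... */
    req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
    BIO_free(in);
    if (!req) {
        OSSL_Raise(eX509RequestError, "");
    }
    /* replace the placeholder request only after a successful parse */
    X509_REQ_free((X509_REQ *)DATA_PTR(self));
    DATA_PTR(self) = req;

    return self;
```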
@@ -185,28 +147,28 @@ ossl_x509req_to_text(VALUE self) static VALUE ossl_x509req_to_x509(VALUE self, VALUE days, VALUE key) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; X509 *x509 = NULL; - GetX509Req(self, reqp); + GetX509Req(self, req); ... - if (!(x509 = X509_REQ_to_X509(reqp->req, d, pkey))) { + if (!(x509 = X509_REQ_to_X509(req, d, pkey))) { OSSL_Raise(eX509RequestError, ""); } - return ossl_x509req_new(x509); + return ossl_x509_new(x509); } */ static VALUE ossl_x509req_get_version(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; long version = 0; - GetX509Req(self, reqp); + GetX509Req(self, req); - version = X509_REQ_get_version(reqp->request); + version = X509_REQ_get_version(req); return INT2NUM(version); } @@ -214,15 +176,15 @@ ossl_x509req_get_version(VALUE self) static VALUE ossl_x509req_set_version(VALUE self, VALUE version) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; long ver = 0; - GetX509Req(self, reqp); + GetX509Req(self, req); if ((ver = NUM2INT(version)) <= 0) { rb_raise(eX509RequestError, "version must be > 0!"); } - if (!X509_REQ_set_version(reqp->request, version)) { + if (!X509_REQ_set_version(req, version)) { OSSL_Raise(eX509RequestError, ""); } @@ -232,13 +194,13 @@ ossl_x509req_set_version(VALUE self, VALUE version) static VALUE ossl_x509req_get_subject(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; X509_NAME *name = NULL; VALUE subject; - GetX509Req(self, reqp); + GetX509Req(self, req); - if (!(name = X509_REQ_get_subject_name(reqp->request))) { + if (!(name = X509_REQ_get_subject_name(req))) { OSSL_Raise(eX509RequestError, ""); } subject = ossl_x509name_new(name); 
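Review bot: `ossl_x509req_set_version` converts and range-checks its argument into `ver`, but then calls `X509_REQ_set_version(req, version)` with the raw Ruby `VALUE`, so the tagged object word is stored in the request instead of the number the caller supplied. The call should read `if (!X509_REQ_set_version(req, ver)) {`. The function's return statement lies outside the hunk.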
@@ -250,15 +212,14 @@ ossl_x509req_get_subject(VALUE self) static VALUE ossl_x509req_set_subject(VALUE self, VALUE subject) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; X509_NAME *name = NULL; - GetX509Req(self, reqp); + GetX509Req(self, req); - OSSL_Check_Type(subject, cX509Name); name = ossl_x509name_get_X509_NAME(subject); - if (!X509_REQ_set_subject_name(reqp->request, name)) { + if (!X509_REQ_set_subject_name(req, name)) { OSSL_Raise(eX509RequestError, ""); } /*X509_NAME_free(name);*/ @@ -269,13 +230,13 @@ ossl_x509req_set_subject(VALUE self, VALUE subject) static VALUE ossl_x509req_get_public_key(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; EVP_PKEY *pkey = NULL; VALUE pub_key; - GetX509Req(self, reqp); + GetX509Req(self, req); - if (!(pkey = X509_REQ_get_pubkey(reqp->request))) { + if (!(pkey = X509_REQ_get_pubkey(req))) { OSSL_Raise(eX509RequestError, ""); } pub_key = ossl_pkey_new(pkey); 
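Review bot: `ossl_x509req_set_subject` never releases the `X509_NAME` it receives from `ossl_x509name_get_X509_NAME`, which this commit shows returning an `X509_NAME_dup` copy; the only free is the commented-out `/*X509_NAME_free(name);*/`. `X509_REQ_set_subject_name` stores its own copy in OpenSSL, so the duplicate leaks on every call, both on success and on the `OSSL_Raise` path. Free it on both paths, the way `ossl_x509req_set_public_key` does with `EVP_PKEY_free(pkey)`. The same pattern appears in `ossl_x509revoked_set_extensions` and `ossl_x509revoked_add_extension`, where the duplicate from `ossl_x509ext_get_X509_EXTENSION` goes to `X509_REVOKED_add_ext` and is never freed although the CRL code frees it after `X509_CRL_add_ext`. It probably also affects the `X509_REQ_add1_attr` callers, if the attribute getter duplicates like the others.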
@@ -287,42 +248,41 @@ ossl_x509req_get_public_key(VALUE self) static VALUE ossl_x509req_set_public_key(VALUE self, VALUE pubk) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; EVP_PKEY *pkey = NULL; - GetX509Req(self, reqp); - OSSL_Check_Type(pubk, cPKey); + GetX509Req(self, req); pkey = ossl_pkey_get_EVP_PKEY(pubk); - if (!X509_REQ_set_pubkey(reqp->request, pkey)) { + if (!X509_REQ_set_pubkey(req, pkey)) { EVP_PKEY_free(pkey); OSSL_Raise(eX509RequestError, ""); } EVP_PKEY_free(pkey); - return self; + return pubk; } static VALUE ossl_x509req_sign(VALUE self, VALUE key, VALUE digest) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md = NULL; - GetX509Req(self, reqp); + GetX509Req(self, req); OSSL_Check_Type(key, cPKey); OSSL_Check_Type(digest, cDigest); - if (rb_funcall(key, rb_intern("private?"), 0, NULL) == Qfalse) { + if (rb_funcall(key, id_private_q, 0, NULL) == Qfalse) { rb_raise(eX509RequestError, "PRIVATE key needed to sign REQ!"); } pkey = ossl_pkey_get_EVP_PKEY(key); md = ossl_digest_get_EVP_MD(digest); - if (!X509_REQ_sign(reqp->request, pkey, md)) { + if (!X509_REQ_sign(req, pkey, md)) { EVP_PKEY_free(pkey); OSSL_Raise(eX509RequestError, ""); } @@ -337,21 +297,20 @@ ossl_x509req_sign(VALUE self, VALUE key, VALUE digest) static VALUE ossl_x509req_verify(VALUE self, VALUE key) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; EVP_PKEY *pkey = NULL; int i = 0; - GetX509Req(self, reqp); - OSSL_Check_Type(key, cPKey); + GetX509Req(self, req); pkey = ossl_pkey_get_EVP_PKEY(key); - i = X509_REQ_verify(reqp->request, pkey); + + i = X509_REQ_verify(req, pkey); EVP_PKEY_free(pkey); if (i < 0) OSSL_Raise(eX509RequestError, ""); - - if (i > 0) + else if (i > 0) return Qtrue; return Qfalse; 
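Review bot: `OSSL_Check_Type(pubk, cPKey)` and `OSSL_Check_Type(key, cPKey)` are removed from `ossl_x509req_set_public_key` and `ossl_x509req_verify`, while `ossl_x509req_sign` in the same file keeps its check. Dropping them is safe only if `ossl_pkey_get_EVP_PKEY` validates the class itself, as the X509 getters in this patch do; its body is not shown here, so that needs confirming, because unwrapping an arbitrary object as a key would be a type confusion. Either keep the explicit checks or add a comment such as `/* class is checked inside ossl_pkey_get_EVP_PKEY() */`. `ossl_x509req_set_public_key` also now returns `pubk` instead of `self`, a caller-visible change that deserves a line in the ChangeLog.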
@@ -360,22 +319,22 @@ ossl_x509req_verify(VALUE self, VALUE key) static VALUE ossl_x509req_get_attributes(VALUE self) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; int count = 0, i; X509_ATTRIBUTE *attr = NULL; VALUE ary; - GetX509Req(self, reqp); + GetX509Req(self, req); - count = X509_REQ_get_attr_count(reqp->request); + count = X509_REQ_get_attr_count(req); - if(count > 0) + if (count > 0) ary = rb_ary_new2(count); else return rb_ary_new(); for (i=0; irequest, i); + attr = X509_REQ_get_attr(req, i); rb_ary_push(ary, ossl_x509attr_new(attr)); } @@ -385,17 +344,17 @@ ossl_x509req_get_attributes(VALUE self) static VALUE ossl_x509req_set_attributes(VALUE self, VALUE ary) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; X509_ATTRIBUTE *attr = NULL; int i = 0; VALUE item; - GetX509Req(self, reqp); + GetX509Req(self, req); Check_Type(ary, T_ARRAY); - sk_X509_ATTRIBUTE_pop_free(reqp->request->req_info->attributes, X509_ATTRIBUTE_free); - reqp->request->req_info->attributes = NULL; + sk_X509_ATTRIBUTE_pop_free(req->req_info->attributes, X509_ATTRIBUTE_free); + req->req_info->attributes = NULL; for (i=0;ilen; i++) { item = RARRAY(ary)->ptr[i]; @@ -404,7 +363,7 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary) attr = ossl_x509attr_get_X509_ATTRIBUTE(item); - if (!X509_REQ_add1_attr(reqp->request, attr)) { + if (!X509_REQ_add1_attr(req, attr)) { OSSL_Raise(eX509RequestError, ""); } } @@ -415,13 +374,13 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary) static VALUE ossl_x509req_add_attribute(VALUE self, VALUE attr) { - ossl_x509req *reqp = NULL; + X509_REQ *req = NULL; - GetX509Req(self, reqp); + GetX509Req(self, req); OSSL_Check_Type(attr, cX509Attribute); - if (!X509_REQ_add1_attr(reqp->request, ossl_x509attr_get_X509_ATTRIBUTE(attr))) { + if (!X509_REQ_add1_attr(req, ossl_x509attr_get_X509_ATTRIBUTE(attr))) { OSSL_Raise(eX509RequestError, ""); } diff --git a/ossl_x509revoked.c b/ossl_x509revoked.c index efe532e..fa8e0bb 100644 
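Review bot: `ossl_x509req_set_attributes` frees the existing attribute stack with `sk_X509_ATTRIBUTE_pop_free` before any element of `ary` has been validated. The per-item handling runs inside the fill loop, so an exception for a bad element part-way through leaves the request with its old attributes gone and only some of the new ones added. `ossl_x509crl_set_extensions` earlier in this patch checks every element first and clears the stack afterwards; the same ordering works here with a loop of `OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Attribute);` ahead of the `pop_free`. `ossl_x509revoked_set_extensions` has the same ordering, and the validating loop this commit adds there is commented out. The middle of the fill loop falls between hunks and is not shown.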
--- a/ossl_x509revoked.c +++ b/ossl_x509revoked.c @@ -10,14 +10,8 @@ */ #include "ossl.h" -#define MakeX509Revoked(obj,revp) {\ - obj = Data_Make_Struct(cX509Revoked, ossl_x509revoked, 0, ossl_x509revoked_free, revp);\ -} -#define GetX509Revoked_unsafe(obj, revp) Data_Get_Struct(obj, ossl_x509revoked, revp) -#define GetX509Revoked(obj, revp) {\ - GetX509Revoked_unsafe(obj, revp);\ - if (!revp->revoked) rb_raise(eX509RevokedError, "not initialized!");\ -} +#define WrapX509Revoked(obj, rev) obj = Data_Wrap_Struct(cX509Revoked, 0, X509_REVOKED_free, rev) +#define GetX509Revoked(obj, rev) Data_Get_Struct(obj, X509_REVOKED, rev) /* * Classes @@ -25,30 +19,12 @@ VALUE cX509Revoked; VALUE eX509RevokedError; -/* - * Struct - */ -typedef struct ossl_x509revoked_st { - X509_REVOKED *revoked; -} ossl_x509revoked; - -static void -ossl_x509revoked_free(ossl_x509revoked *revp) -{ - if (revp) { - if (revp->revoked) X509_REVOKED_free(revp->revoked); - revp->revoked = NULL; - free(revp); - } -} - /* * PUBLIC */ VALUE ossl_x509revoked_new(X509_REVOKED *rev) { - ossl_x509revoked *revp = NULL; X509_REVOKED *new = NULL; VALUE obj; @@ -59,8 +35,7 @@ ossl_x509revoked_new(X509_REVOKED *rev) if (!new) OSSL_Raise(eX509RevokedError, ""); - MakeX509Revoked(obj, revp); - revp->revoked = new; + WrapX509Revoked(obj, new); return obj; } @@ -68,13 +43,16 @@ ossl_x509revoked_new(X509_REVOKED *rev) X509_REVOKED * ossl_x509revoked_get_X509_REVOKED(VALUE obj) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL, *new; OSSL_Check_Type(obj, cX509Revoked); - GetX509Revoked(obj, revp); + GetX509Revoked(obj, rev); - return X509_REVOKED_dup(revp->revoked); + if (!(new = X509_REVOKED_dup(rev))) { + OSSL_Raise(eX509RevokedError, ""); + } + return new; } /* 
@@ -83,50 +61,40 @@ ossl_x509revoked_get_X509_REVOKED(VALUE obj) static VALUE ossl_x509revoked_s_new(int argc, VALUE *argv, VALUE klass) { - ossl_x509revoked *revp = NULL; VALUE obj; - MakeX509Revoked(obj, revp); - + obj = ossl_x509revoked_new(NULL); + rb_obj_call_init(obj, argc, argv); return obj; } static VALUE -ossl_x509revoked_initialize(int argc, VALUE *argv, VALUE obj) +ossl_x509revoked_initialize(int argc, VALUE *argv, VALUE self) { - ossl_x509revoked *revp = NULL; - X509_REVOKED *revoked = NULL; - - GetX509Revoked_unsafe(obj, revp); - - if (!(revoked = X509_REVOKED_new())) { - OSSL_Raise(eX509RevokedError, ""); - } - revp->revoked = revoked; - - return obj; + /* EMPTY */ + return self; } static VALUE -ossl_x509revoked_get_serial(VALUE obj) +ossl_x509revoked_get_serial(VALUE self) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; - GetX509Revoked(obj, revp); + GetX509Revoked(self, rev); - return INT2NUM(ASN1_INTEGER_get(revp->revoked->serialNumber)); + return INT2NUM(ASN1_INTEGER_get(rev->serialNumber)); } static VALUE -ossl_x509revoked_set_serial(VALUE obj, VALUE serial) +ossl_x509revoked_set_serial(VALUE self, VALUE serial) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; - GetX509Revoked(obj, revp); + GetX509Revoked(self, rev); - if (!ASN1_INTEGER_set(revp->revoked->serialNumber, NUM2INT(serial))) { + if (!ASN1_INTEGER_set(rev->serialNumber, NUM2INT(serial))) { OSSL_Raise(eX509RevokedError, ""); } 
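Review bot: `ossl_x509revoked_get_serial` and `ossl_x509revoked_set_serial` move the serial number through `ASN1_INTEGER_get` and `NUM2INT`, which only cover values that fit a C `long` or `int`. Certificate serial numbers are routinely much wider, and `ASN1_INTEGER_get` reports such a value as an error sentinel rather than the real number, so distinct revoked entries can read back as the same serial. Converting through a bignum (`ASN1_INTEGER_to_BN` and `BN_to_ASN1_INTEGER`, together with the project's BN wrapper) would preserve the full value. Until that is done, both accessors should carry a comment such as `/* FIXME: serials wider than long are not representable */`.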
@@ -134,31 +102,26 @@ ossl_x509revoked_set_serial(VALUE obj, VALUE serial) } static VALUE -ossl_x509revoked_get_time(VALUE obj) +ossl_x509revoked_get_time(VALUE self) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; - GetX509Revoked(obj, revp); + GetX509Revoked(self, rev); - return asn1time_to_time(revp->revoked->revocationDate); + return asn1time_to_time(rev->revocationDate); } static VALUE -ossl_x509revoked_set_time(VALUE obj, VALUE time) +ossl_x509revoked_set_time(VALUE self, VALUE time) { - ossl_x509revoked *revp = NULL; - VALUE sec; - - GetX509Revoked(obj, revp); + X509_REVOKED *rev = NULL; + time_t sec; - OSSL_Check_Type(time, rb_cTime); + GetX509Revoked(self, rev); - sec = rb_funcall(time, rb_intern("to_i"), 0, NULL); + sec = time_to_time_t(time); - if (!FIXNUM_P(sec)) - rb_raise(eX509RevokedError, "wierd time"); - - if (!ASN1_UTCTIME_set(revp->revoked->revocationDate, FIX2INT(sec))) { + if (!ASN1_UTCTIME_set(rev->revocationDate, sec)) { OSSL_Raise(eX509RevokedError, ""); } @@ -170,14 +133,14 @@ ossl_x509revoked_set_time(VALUE obj, VALUE time) static VALUE ossl_x509revoked_get_extensions(VALUE self) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; int count = 0, i; X509_EXTENSION *ext = NULL; VALUE ary; - GetX509Revoked(self, revp); + GetX509Revoked(self, rev); - count = X509_REVOKED_get_ext_count(revp->revoked); + count = X509_REVOKED_get_ext_count(rev); if (count > 0) ary = rb_ary_new2(count); @@ -185,7 +148,7 @@ ossl_x509revoked_get_extensions(VALUE self) return rb_ary_new(); for (i=0; irevoked, i); + ext = X509_REVOKED_get_ext(rev, i); rb_ary_push(ary, ossl_x509ext_new(ext)); } 
@@ -198,17 +161,21 @@ ossl_x509revoked_get_extensions(VALUE self) static VALUE ossl_x509revoked_set_extensions(VALUE self, VALUE ary) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; X509_EXTENSION *ext = NULL; int i = 0; VALUE item; - GetX509Revoked(self, revp); + GetX509Revoked(self, rev); Check_Type(ary, T_ARRAY); - - sk_X509_EXTENSION_pop_free(revp->revoked->extensions, X509_EXTENSION_free); - revp->revoked->extensions = NULL; + /* + for (i=0; ilen; i++) { + OSSL_Check_Type(RARRAY(ary)->ptr[i], cX509Extension); + } + */ + sk_X509_EXTENSION_pop_free(rev->extensions, X509_EXTENSION_free); + rev->extensions = NULL; for (i=0; ilen; i++) { item = RARRAY(ary)->ptr[i]; @@ -217,7 +184,7 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary) ext = ossl_x509ext_get_X509_EXTENSION(item); - if(!X509_REVOKED_add_ext(revp->revoked, ext, -1)) { + if(!X509_REVOKED_add_ext(rev, ext, -1)) { OSSL_Raise(eX509RevokedError, ""); } } @@ -228,13 +195,13 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary) static VALUE ossl_x509revoked_add_extension(VALUE self, VALUE ext) { - ossl_x509revoked *revp = NULL; + X509_REVOKED *rev = NULL; - GetX509Revoked(self, revp); + GetX509Revoked(self, rev); OSSL_Check_Type(ext, cX509Extension); - if(!X509_REVOKED_add_ext(revp->revoked, ossl_x509ext_get_X509_EXTENSION(ext), -1)) { + if(!X509_REVOKED_add_ext(rev, ossl_x509ext_get_X509_EXTENSION(ext), -1)) { OSSL_Raise(eX509RevokedError, ""); } -- cgit v1.2.3