summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
authordrbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-02-19 01:27:33 +0000
committerdrbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-02-19 01:27:33 +0000
commitb043b0592bf284dc53555b7e6d0238a3796da45e (patch)
tree5e32e590fda2c05f23f9944bb21f84faede1dfaf /ext/openssl/ossl.c
parentcc16b2139b50ae00e44c672bdf6c932da630d007 (diff)
* ext/openssl/ossl.c (class OpenSSL): Fixed ExtensionFactory example.
Patch by Richard Bradley. [ruby-trunk - Bug #7551] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c32
1 files changed, 21 insertions, 11 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index df63294..f388f3c 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -701,10 +701,15 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
*
* extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert
*
- * extension_factory.create_extension 'basicConstraints', 'CA:FALSE'
- * extension_factory.create_extension 'keyUsage',
- * 'keyEncipherment,dataEncipherment,digitalSignature'
- * extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ * cert.add_extension(extension_factory.create_extension
+ * 'basicConstraints', 'CA:FALSE')
+ * cert.add_extension(extension_factory.create_extension
+ * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
+ * cert.add_extension(extension_factory.create_extension
+ * 'subjectKeyIdentifier', 'hash')
+ *
+ * The list of supported extensions (and in some cases their possible values)
+ * can be derived from the "objects.h" file in the OpenSSL source code.
*
* === Signing a Certificate
*
@@ -772,16 +777,19 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
* extension_factory.subject_certificate = ca_cert
* extension_factory.issuer_certificate = ca_cert
*
- * extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ * ca_cert.add_extension(extension_factory.create_extension
+ * 'subjectKeyIdentifier', 'hash')
*
* This extension indicates the CA's key may be used as a CA.
*
- * extension_factory.create_extension 'basicConstraints', 'CA:TRUE', true
+ * ca_cert.add_extension(extension_factory.create_extension
+ * 'basicConstraints', 'CA:TRUE', true)
*
* This extension indicates the CA's key may be used to verify signatures on
* both certificates and certificate revocations.
*
- * extension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true
+ * ca_cert.add_extension(extension_factory.create_extension
+ * 'keyUsage', 'cRLSign,keyCertSign', true)
*
* Root CA certificates are self-signed.
*
@@ -837,10 +845,12 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
* extension_factory.subject_certificate = csr_cert
* extension_factory.issuer_certificate = ca_cert
*
- * extension_factory.create_extension 'basicConstraints', 'CA:FALSE'
- * extension_factory.create_extension 'keyUsage',
- * 'keyEncipherment,dataEncipherment,digitalSignature'
- * extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ * csr_cert.add_extension(extension_factory.create_extension
+ * 'basicConstraints', 'CA:FALSE')
+ * csr_cert.add_extension(extension_factory.create_extension
+ * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
+ * csr_cert.add_extension(extension_factory.create_extension
+ * 'subjectKeyIdentifier', 'hash')
*
* csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new
*