summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_ns_spki.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/ossl_ns_spki.c')
-rw-r--r--ext/openssl/ossl_ns_spki.c232
1 files changed, 232 insertions, 0 deletions
diff --git a/ext/openssl/ossl_ns_spki.c b/ext/openssl/ossl_ns_spki.c
new file mode 100644
index 0000000000..bcefcbdfde
--- /dev/null
+++ b/ext/openssl/ossl_ns_spki.c
@@ -0,0 +1,232 @@
+/*
+ * $Id$
+ * 'OpenSSL for Ruby' project
+ * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
+ * All rights reserved.
+ */
+/*
+ * This program is licenced under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+#include "ossl.h"
+
+#define WrapSPKI(klass, obj, spki) do { \
+ if (!spki) { \
+ ossl_raise(rb_eRuntimeError, "SPKI wasn't initialized!"); \
+ } \
+ obj = Data_Wrap_Struct(klass, 0, NETSCAPE_SPKI_free, spki); \
+} while (0)
+#define GetSPKI(obj, spki) do { \
+ Data_Get_Struct(obj, NETSCAPE_SPKI, spki); \
+ if (!spki) { \
+ ossl_raise(rb_eRuntimeError, "SPKI wasn't initialized!"); \
+ } \
+} while (0)
+
+/*
+ * Classes
+ */
+VALUE mNetscape;
+VALUE cSPKI;
+VALUE eSPKIError;
+
+/*
+ * Public functions
+ */
+
+/*
+ * Private functions
+ */
+static VALUE
+ossl_spki_alloc(VALUE klass)
+{
+ NETSCAPE_SPKI *spki;
+ VALUE obj;
+
+ if (!(spki = NETSCAPE_SPKI_new())) {
+ ossl_raise(eSPKIError, NULL);
+ }
+ WrapSPKI(klass, obj, spki);
+
+ return obj;
+}
+DEFINE_ALLOC_WRAPPER(ossl_spki_alloc)
+
+static VALUE
+ossl_spki_initialize(int argc, VALUE *argv, VALUE self)
+{
+ NETSCAPE_SPKI *spki;
+ VALUE buffer;
+
+ if (rb_scan_args(argc, argv, "01", &buffer) == 0) {
+ return self;
+ }
+ if (!(spki = NETSCAPE_SPKI_b64_decode(StringValuePtr(buffer), -1))) {
+ ossl_raise(eSPKIError, NULL);
+ }
+ NETSCAPE_SPKI_free(DATA_PTR(self));
+ DATA_PTR(self) = spki;
+
+ return self;
+}
+
+static VALUE
+ossl_spki_to_pem(VALUE self)
+{
+ NETSCAPE_SPKI *spki;
+ char *data;
+ VALUE str;
+
+ GetSPKI(self, spki);
+ if (!(data = NETSCAPE_SPKI_b64_encode(spki))) {
+ ossl_raise(eSPKIError, NULL);
+ }
+ str = rb_str_new2(data);
+ OPENSSL_free(data);
+
+ return str;
+}
+
+static VALUE
+ossl_spki_print(VALUE self)
+{
+ NETSCAPE_SPKI *spki;
+ BIO *out;
+ BUF_MEM *buf;
+ VALUE str;
+
+ GetSPKI(self, spki);
+ if (!(out = BIO_new(BIO_s_mem()))) {
+ ossl_raise(eSPKIError, NULL);
+ }
+ if (!NETSCAPE_SPKI_print(out, spki)) {
+ BIO_free(out);
+ ossl_raise(eSPKIError, NULL);
+ }
+ BIO_get_mem_ptr(out, &buf);
+ str = rb_str_new(buf->data, buf->length);
+ BIO_free(out);
+
+ return str;
+}
+
+static VALUE
+ossl_spki_get_public_key(VALUE self)
+{
+ NETSCAPE_SPKI *spki;
+ EVP_PKEY *pkey;
+
+ GetSPKI(self, spki);
+ if (!(pkey = NETSCAPE_SPKI_get_pubkey(spki))) { /* adds an reference */
+ ossl_raise(eSPKIError, NULL);
+ }
+
+ return ossl_pkey_new(pkey); /* NO DUP - OK */
+}
+
+static VALUE
+ossl_spki_set_public_key(VALUE self, VALUE key)
+{
+ NETSCAPE_SPKI *spki;
+
+ GetSPKI(self, spki);
+ if (!NETSCAPE_SPKI_set_pubkey(spki, GetPKeyPtr(key))) { /* NO NEED TO DUP */
+ ossl_raise(eSPKIError, NULL);
+ }
+
+ return key;
+}
+
+static VALUE
+ossl_spki_get_challenge(VALUE self)
+{
+ NETSCAPE_SPKI *spki;
+
+ GetSPKI(self, spki);
+ if (spki->spkac->challenge->length <= 0) {
+ OSSL_Debug("Challenge.length <= 0?");
+ return rb_str_new2(NULL);
+ }
+
+ return rb_str_new(spki->spkac->challenge->data,
+ spki->spkac->challenge->length);
+}
+
+static VALUE
+ossl_spki_set_challenge(VALUE self, VALUE str)
+{
+ NETSCAPE_SPKI *spki;
+
+ GetSPKI(self, spki);
+ StringValue(str);
+ if (!ASN1_STRING_set(spki->spkac->challenge, RSTRING(str)->ptr,
+ RSTRING(str)->len)) {
+ ossl_raise(eSPKIError, NULL);
+ }
+
+ return str;
+}
+
+static VALUE
+ossl_spki_sign(VALUE self, VALUE key, VALUE digest)
+{
+ NETSCAPE_SPKI *spki;
+ EVP_PKEY *pkey;
+ const EVP_MD *md;
+
+ GetSPKI(self, spki);
+ pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
+ md = GetDigestPtr(digest);
+ if (!NETSCAPE_SPKI_sign(spki, pkey, md)) {
+ ossl_raise(eSPKIError, NULL);
+ }
+
+ return self;
+}
+
+/*
+ * Checks that cert signature is made with PRIVversion of this PUBLIC 'key'
+ */
+static VALUE
+ossl_spki_verify(VALUE self, VALUE key)
+{
+ NETSCAPE_SPKI *spki;
+
+ GetSPKI(self, spki);
+ switch (NETSCAPE_SPKI_verify(spki, GetPKeyPtr(key))) { /* NO NEED TO DUP */
+ case 0:
+ return Qfalse;
+ case 1:
+ return Qtrue;
+ default:
+ ossl_raise(eSPKIError, NULL);
+ }
+ return Qnil; /* dummy */
+}
+
+/*
+ * NETSCAPE_SPKI init
+ */
+void
+Init_ossl_ns_spki()
+{
+ mNetscape = rb_define_module_under(mOSSL, "Netscape");
+
+ eSPKIError = rb_define_class_under(mNetscape, "SPKIError", eOSSLError);
+
+ cSPKI = rb_define_class_under(mNetscape, "SPKI", rb_cObject);
+
+ rb_define_alloc_func(cSPKI, ossl_spki_alloc);
+ rb_define_method(cSPKI, "initialize", ossl_spki_initialize, -1);
+
+ rb_define_method(cSPKI, "to_pem", ossl_spki_to_pem, 0);
+ rb_define_alias(cSPKI, "to_s", "to_pem");
+ rb_define_method(cSPKI, "to_text", ossl_spki_print, 0);
+ rb_define_method(cSPKI, "public_key", ossl_spki_get_public_key, 0);
+ rb_define_method(cSPKI, "public_key=", ossl_spki_set_public_key, 1);
+ rb_define_method(cSPKI, "sign", ossl_spki_sign, 2);
+ rb_define_method(cSPKI, "verify", ossl_spki_verify, 1);
+ rb_define_method(cSPKI, "challenge", ossl_spki_get_challenge, 0);
+ rb_define_method(cSPKI, "challenge=", ossl_spki_set_challenge, 1);
+}
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 04:33:35 +0000