diff options
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl.c | 43 |
1 files changed, 25 insertions, 18 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index f388f3cc07..99307b4a75 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -701,12 +701,15 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * * extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert * - * cert.add_extension(extension_factory.create_extension - * 'basicConstraints', 'CA:FALSE') - * cert.add_extension(extension_factory.create_extension - * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') - * cert.add_extension(extension_factory.create_extension - * 'subjectKeyIdentifier', 'hash') + * cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:FALSE', true) + * + * cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') + * + * cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') * * The list of supported extensions (and in some cases their possible values) * can be derived from the "objects.h" file in the OpenSSL source code. @@ -777,19 +780,20 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * extension_factory.subject_certificate = ca_cert * extension_factory.issuer_certificate = ca_cert * - * ca_cert.add_extension(extension_factory.create_extension - * 'subjectKeyIdentifier', 'hash') + * ca_cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') * * This extension indicates the CA's key may be used as a CA. * - * ca_cert.add_extension(extension_factory.create_extension - * 'basicConstraints', 'CA:TRUE', true) + * ca_cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:TRUE', true) * * This extension indicates the CA's key may be used to verify signatures on * both certificates and certificate revocations. * - * ca_cert.add_extension(extension_factory.create_extension - * 'keyUsage', 'cRLSign,keyCertSign', true) + * ca_cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'cRLSign,keyCertSign', true) * * Root CA certificates are self-signed. * @@ -845,12 +849,15 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * extension_factory.subject_certificate = csr_cert * extension_factory.issuer_certificate = ca_cert * - * csr_cert.add_extension(extension_factory.create_extension - * 'basicConstraints', 'CA:FALSE') - * csr_cert.add_extension(extension_factory.create_extension - * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') - * csr_cert.add_extension(extension_factory.create_extension - * 'subjectKeyIdentifier', 'hash') + * csr_cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:FALSE') + * + * csr_cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') + * + * csr_cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') * * csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new * |