From 953e8aca2be6a74a4829f8729cd4ba8e501207fe Mon Sep 17 00:00:00 2001 From: technorama Date: Thu, 5 Apr 2007 05:59:22 +0000 Subject: * ext/openssl/ossl_pkcs5.c: New module. * ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c: Remove redundant module namespace. * ext/openssl/lib/openssl/{cipher,digest}.rb Add backwards compatibile classes for rearranged classes. * ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/openssl/extconf.rb | 2 + ext/openssl/lib/openssl/cipher.rb | 37 ++++++++------- ext/openssl/lib/openssl/digest.rb | 7 ++- ext/openssl/ossl.c | 1 + ext/openssl/ossl_cipher.c | 8 ++-- ext/openssl/ossl_cipher.h | 1 - ext/openssl/ossl_digest.c | 8 +--- ext/openssl/ossl_digest.h | 1 - ext/openssl/ossl_pkcs12.c | 74 ++++++++++++++++++++++++++---- ext/openssl/ossl_pkcs12.h | 1 - ext/openssl/ossl_pkcs5.c | 96 +++++++++++++++++++++++++++++++++++++++ ext/openssl/ossl_pkcs7.c | 54 ++++++++++++++++------ ext/openssl/ossl_pkcs7.h | 1 - 13 files changed, 234 insertions(+), 57 deletions(-) create mode 100644 ext/openssl/ossl_pkcs5.c (limited to 'ext/openssl') diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 27550f5dc7..bc3f4fd2ed 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -83,6 +83,8 @@ have_func("HMAC_CTX_cleanup") have_func("HMAC_CTX_copy") have_func("HMAC_CTX_init") have_func("PEM_def_callback") +have_func("PKCS5_PBKDF2_HMAC") +have_func("PKCS5_PBKDF2_HMAC_SHA1") have_func("X509V3_set_nconf") have_func("X509V3_EXT_nconf_nid") have_func("X509_CRL_add0_revoked") diff --git a/ext/openssl/lib/openssl/cipher.rb b/ext/openssl/lib/openssl/cipher.rb index 45cf6ac93e..290e9c1d2d 100644 --- a/ext/openssl/lib/openssl/cipher.rb +++ b/ext/openssl/lib/openssl/cipher.rb @@ -19,7 +19,7 @@ #require 'openssl' module OpenSSL - module Cipher + class Cipher %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|name| klass = Class.new(Cipher){ define_method(:initialize){|*args| @@ -41,22 +41,25 @@ module OpenSSL const_set("AES#{keylen}", klass) } - class Cipher - # Generate, set, and return a random key. - # You must call cipher.encrypt or cipher.decrypt before calling this method. - def random_key - str = OpenSSL::Random.random_bytes(self.key_len) - self.key = str - return str - end - - # Generate, set, and return a random iv. - # You must call cipher.encrypt or cipher.decrypt before calling this method. - def random_iv - str = OpenSSL::Random.random_bytes(self.iv_len) - self.iv = str - return str - end + # Generate, set, and return a random key. + # You must call cipher.encrypt or cipher.decrypt before calling this method. + def random_key + str = OpenSSL::Random.random_bytes(self.key_len) + self.key = str + return str + end + + # Generate, set, and return a random iv. + # You must call cipher.encrypt or cipher.decrypt before calling this method. + def random_iv + str = OpenSSL::Random.random_bytes(self.iv_len) + self.iv = str + return str + end + + # This class is only provided for backwards compatibility. Use OpenSSL::Digest in the future. + class Cipher < Cipher + # add warning end end # Cipher end # OpenSSL diff --git a/ext/openssl/lib/openssl/digest.rb b/ext/openssl/lib/openssl/digest.rb index b3e4484805..8d7df73b54 100644 --- a/ext/openssl/lib/openssl/digest.rb +++ b/ext/openssl/lib/openssl/digest.rb @@ -19,7 +19,7 @@ #require 'openssl' module OpenSSL - module Digest + class Digest alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1) if OPENSSL_VERSION_NUMBER > 0x00908000 @@ -44,6 +44,11 @@ module OpenSSL const_set(name, klass) } + # This class is only provided for backwards compatibility. Use OpenSSL::Digest in the future. + class Digest < Digest + # add warning + end + end # Digest end # OpenSSL diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index dda3832268..53f476fd65 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -473,6 +473,7 @@ Init_openssl() Init_ossl_ns_spki(); Init_ossl_pkcs12(); Init_ossl_pkcs7(); + Init_ossl_pkcs5(); Init_ossl_pkey(); Init_ossl_rand(); Init_ossl_ssl(); diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index e91b15461e..b680dc6e64 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -26,7 +26,6 @@ /* * Classes */ -VALUE mCipher; VALUE cCipher; VALUE eCipherError; @@ -540,13 +539,12 @@ Init_ossl_cipher(void) #if 0 /* let rdoc know about mOSSL */ mOSSL = rb_define_module("OpenSSL"); #endif - mCipher = rb_define_module_under(mOSSL, "Cipher"); - eCipherError = rb_define_class_under(mOSSL, "CipherError", eOSSLError); - cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject); + cCipher = rb_define_class_under(mOSSL, "Cipher", rb_cObject); + eCipherError = rb_define_class_under(cCipher, "CipherError", eOSSLError); rb_define_alloc_func(cCipher, ossl_cipher_alloc); rb_define_copy_func(cCipher, ossl_cipher_copy); - rb_define_module_function(mCipher, "ciphers", ossl_s_ciphers, 0); + rb_define_module_function(cCipher, "ciphers", ossl_s_ciphers, 0); rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1); rb_define_method(cCipher, "reset", ossl_cipher_reset, 0); rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1); diff --git a/ext/openssl/ossl_cipher.h b/ext/openssl/ossl_cipher.h index 63c7a875e8..bed4fa853b 100644 --- a/ext/openssl/ossl_cipher.h +++ b/ext/openssl/ossl_cipher.h @@ -11,7 +11,6 @@ #if !defined(_OSSL_CIPHER_H_) #define _OSSL_CIPHER_H_ -extern VALUE mCipher; extern VALUE cCipher; extern VALUE eCipherError; diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c index 9b280a3d4d..118626fd71 100644 --- a/ext/openssl/ossl_digest.c +++ b/ext/openssl/ossl_digest.c @@ -24,7 +24,6 @@ /* * Classes */ -VALUE mDigest; VALUE cDigest; VALUE eDigestError; @@ -321,11 +320,8 @@ Init_ossl_digest() mOSSL = rb_define_module("OpenSSL"); #endif - mDigest = rb_define_module_under(mOSSL, "Digest"); - - eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError); - - cDigest = rb_define_class_under(mDigest, "Digest", rb_cObject); + cDigest = rb_define_class_under(mOSSL, "Digest", rb_cObject); + eDigestError = rb_define_class_under(cDigest, "DigestError", eOSSLError); rb_define_alloc_func(cDigest, ossl_digest_alloc); rb_define_singleton_method(cDigest, "digest", ossl_digest_s_digest, 2); diff --git a/ext/openssl/ossl_digest.h b/ext/openssl/ossl_digest.h index 8a1f7964f2..8cc5b1bc56 100644 --- a/ext/openssl/ossl_digest.h +++ b/ext/openssl/ossl_digest.h @@ -11,7 +11,6 @@ #if !defined(_OSSL_DIGEST_H_) #define _OSSL_DIGEST_H_ -extern VALUE mDigest; extern VALUE cDigest; extern VALUE eDigestError; diff --git a/ext/openssl/ossl_pkcs12.c b/ext/openssl/ossl_pkcs12.c index 5336a60ecd..2ec69ba8db 100644 --- a/ext/openssl/ossl_pkcs12.c +++ b/ext/openssl/ossl_pkcs12.c @@ -30,7 +30,6 @@ /* * Classes */ -VALUE mPKCS12; VALUE cPKCS12; VALUE ePKCS12Error; @@ -49,32 +48,85 @@ ossl_pkcs12_s_allocate(VALUE klass) return obj; } +/* + * call-seq: + * PKCS12.create(pass, name, key, cert [, ca, [, key_pbe [, cert_pbe [, key_iter [, mac_iter [, keytype]]]]]]) + * + * === Parameters + * * +pass+ - string + * * +name+ - A string describing the key. + * * +key+ - Any PKey. + * * +cert+ - A X509::Certificate. + * * * The public_key portion of the certificate must contain a valid public key. + * * * The not_before and not_after fields must be filled in. + * * +ca+ - An optional array of X509::Certificate's. + * * +key_pbe+ - string + * * +cert_pbe+ - string + * * +key_iter+ - integer + * * +mac_iter+ - integer + * * +keytype+ - An integer representing an MSIE specific extension. + * + * Any optional arguments may be supplied as nil to preserve the OpenSSL defaults. + * + * See the OpenSSL documentation for PKCS12_create(). + */ static VALUE ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self) { - VALUE pass, name, pkey, cert, ca; + VALUE pass, name, pkey, cert, ca, key_nid, cert_nid, key_iter, mac_iter, keytype; VALUE obj; char *passphrase, *friendlyname; EVP_PKEY *key; X509 *x509; STACK_OF(X509) *x509s; + int nkey = 0, ncert = 0, kiter = 0, miter = 0, ktype = 0; PKCS12 *p12; - rb_scan_args(argc, argv, "41", &pass, &name, &pkey, &cert, &ca); + rb_scan_args(argc, argv, "46", &pass, &name, &pkey, &cert, &ca, &key_nid, &cert_nid, &key_iter, &mac_iter, &keytype); passphrase = NIL_P(pass) ? NULL : StringValuePtr(pass); friendlyname = NIL_P(name) ? NULL : StringValuePtr(name); key = GetPKeyPtr(pkey); x509 = GetX509CertPtr(cert); x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca); +/* TODO: make a VALUE to nid function */ + if (!NIL_P(key_nid)) { + if ((nkey = OBJ_txt2nid(StringValuePtr(key_nid))) == NID_undef) + rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid)); + } + if (!NIL_P(cert_nid)) { + if ((ncert = OBJ_txt2nid(StringValuePtr(cert_nid))) == NID_undef) + rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid)); + } + if (!NIL_P(key_iter)) + kiter = NUM2INT(key_iter); + if (!NIL_P(mac_iter)) + miter = NUM2INT(mac_iter); + if (!NIL_P(keytype)) + ktype = NUM2INT(keytype); + p12 = PKCS12_create(passphrase, friendlyname, key, x509, x509s, - 0, 0, 0, 0, 0); + nkey, ncert, kiter, miter, ktype); sk_X509_pop_free(x509s, X509_free); if(!p12) ossl_raise(ePKCS12Error, NULL); WrapPKCS12(cPKCS12, obj, p12); + ossl_pkcs12_set_key(obj, pkey); + ossl_pkcs12_set_cert(obj, cert); + ossl_pkcs12_set_ca_certs(obj, ca); + return obj; } +/* + * call-seq: + * PKCS12.new -> pkcs12 + * PKCS12.new(str) -> pkcs12 + * PKCS12.new(str, pass) -> pkcs12 + * + * === Parameters + * * +str+ - Must be a DER encoded PKCS12 string. + * * +pass+ - string + */ static VALUE ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self) { @@ -94,7 +146,7 @@ ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self) pkey = cert = ca = Qnil; if(!PKCS12_parse((PKCS12*)DATA_PTR(self), passphrase, &key, &x509, &x509s)) - ossl_raise(ePKCS12Error, NULL); + ossl_raise(ePKCS12Error, "PKCS12_parse"); pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key, &st); /* NO DUP */ if(st) goto err; @@ -140,10 +192,14 @@ ossl_pkcs12_to_der(VALUE self) void Init_ossl_pkcs12() { - mPKCS12 = rb_define_module_under(mOSSL, "PKCS12"); - cPKCS12 = rb_define_class_under(mPKCS12, "PKCS12", rb_cObject); - ePKCS12Error = rb_define_class_under(mPKCS12, "PKCS12Error", eOSSLError); - rb_define_module_function(mPKCS12, "create", ossl_pkcs12_s_create, -1); + /* + * Defines a file format commonly used to store private keys with + * accompanying public key certificates, protected with a password-based + * symmetric key. + */ + cPKCS12 = rb_define_class_under(mOSSL, "PKCS12", rb_cObject); + ePKCS12Error = rb_define_class_under(cPKCS12, "PKCS12Error", eOSSLError); + rb_define_singleton_method(cPKCS12, "create", ossl_pkcs12_s_create, -1); rb_define_alloc_func(cPKCS12, ossl_pkcs12_s_allocate); rb_attr(cPKCS12, rb_intern("key"), 1, 0, Qfalse); diff --git a/ext/openssl/ossl_pkcs12.h b/ext/openssl/ossl_pkcs12.h index 01dde2bc30..24d25d00bb 100644 --- a/ext/openssl/ossl_pkcs12.h +++ b/ext/openssl/ossl_pkcs12.h @@ -6,7 +6,6 @@ #if !defined(_OSSL_PKCS12_H_) #define _OSSL_PKCS12_H_ -extern VALUE mPKCS12; extern VALUE cPKCS12; extern VALUE ePKCS12Error; diff --git a/ext/openssl/ossl_pkcs5.c b/ext/openssl/ossl_pkcs5.c new file mode 100644 index 0000000000..ca02a18c67 --- /dev/null +++ b/ext/openssl/ossl_pkcs5.c @@ -0,0 +1,96 @@ +/* + * $Id$ + * Copyright (C) 2007 Technorama Ltd. + */ +#include "ossl.h" + +VALUE mPKCS5; +VALUE ePKCS5; + +/* + * call-seq: + * PKCS5.pbkdf2_hmac(pass, salt, iter, keylen, digest) => string + * + * === Parameters + * * +pass+ - string + * * +salt+ - string + * * +iter+ - integer - should be greater than 1000. 2000 is better. + * * +keylen+ - integer + * * +digest+ - a string or OpenSSL::Digest object. + * + * Available in OpenSSL 0.9.9?. + * + * Digests other than SHA1 may not be supported by other cryptography libraries. + */ +static VALUE +ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen, VALUE digest) +{ +#ifdef HAVE_PKCS5_PBKDF2_HMAC + VALUE str; + const EVP_MD md; + int len = NUM2INT(keylen); + + StringValue(pass); + StringValue(salt); + md = GetDigestPtr(digest); + + str = rb_str_new(0, len); + + if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), md, len, RSTRING_PTR(str)) != 1) + ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC"); + + return str; +#else + rb_notimplement(); +#endif +} + + +/* + * call-seq: + * PKCS5.pbkdf2_hmac_sha1(pass, salt, iter, keylen) => string + * + * === Parameters + * * +pass+ - string + * * +salt+ - string + * * +iter+ - integer - should be greater than 1000. 2000 is better. + * * +keylen+ - integer + * + * This method is available almost any version OpenSSL. + * + * Conforms to rfc2898. + */ +static VALUE +ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen) +{ +#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1 + VALUE str; + int len = NUM2INT(keylen); + + StringValue(pass); + StringValue(salt); + + str = rb_str_new(0, len); + + if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), len, RSTRING_PTR(str)) != 1) + ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC_SHA1"); + + return str; +#else + rb_notimplement(); +#endif +} + +void +Init_ossl_pkcs5() +{ + /* + * Password-based Encryption + * + */ + mPKCS5 = rb_define_module_under(mOSSL, "PKCS5"); + ePKCS5 = rb_define_class_under(mPKCS5, "PKCS5Error", eOSSLError); + + rb_define_module_function(mPKCS5, "pbkdf2_hmac", ossl_pkcs5_pbkdf2_hmac, 5); + rb_define_module_function(mPKCS5, "pbkdf2_hmac_sha1", ossl_pkcs5_pbkdf2_hmac_sha1, 4); +} diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 04dd0d8d30..6918844779 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -71,7 +71,6 @@ /* * Classes */ -VALUE mPKCS7; VALUE cPKCS7; VALUE cPKCS7Signer; VALUE cPKCS7Recipient; @@ -134,7 +133,8 @@ DupPKCS7RecipientPtr(VALUE obj) } /* - * Private + * call-seq: + * PKCS7.read_smime(string) => pkcs7 */ static VALUE ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg) @@ -156,6 +156,10 @@ ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg) return ret; } +/* + * call-seq: + * PKCS7.write_smime(pkcs7 [, data [, flags]]) => string + */ static VALUE ossl_pkcs7_s_write_smime(int argc, VALUE *argv, VALUE klass) { @@ -187,6 +191,10 @@ ossl_pkcs7_s_write_smime(int argc, VALUE *argv, VALUE klass) return str; } +/* + * call-seq: + * PKCS7.sign(cert, key, data, [, certs [, flags]]) => pkcs7 + */ static VALUE ossl_pkcs7_s_sign(int argc, VALUE *argv, VALUE klass) { @@ -226,6 +234,10 @@ ossl_pkcs7_s_sign(int argc, VALUE *argv, VALUE klass) return ret; } +/* + * call-seq: + * PKCS7.encrypt(certs, data, [, cipher [, flags]]) => pkcs7 + */ static VALUE ossl_pkcs7_s_encrypt(int argc, VALUE *argv, VALUE klass) { @@ -287,6 +299,13 @@ ossl_pkcs7_alloc(VALUE klass) return obj; } +/* + * call-seq: + * PKCS7.new => pkcs7 + * PKCS7.new(string) => pkcs7 + * + * Many methods in this class aren't documented. + */ static VALUE ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) { @@ -364,6 +383,10 @@ ossl_pkcs7_sym2typeid(VALUE sym) return ret; } +/* + * call-seq: + * pkcs7.type = type => type + */ static VALUE ossl_pkcs7_set_type(VALUE self, VALUE type) { @@ -376,6 +399,10 @@ ossl_pkcs7_set_type(VALUE self, VALUE type) return type; } +/* + * call-seq: + * pkcs7.type => string or nil + */ static VALUE ossl_pkcs7_get_type(VALUE self) { @@ -926,15 +953,12 @@ ossl_pkcs7ri_get_enc_key(VALUE self) void Init_ossl_pkcs7() { - mPKCS7 = rb_define_module_under(mOSSL, "PKCS7"); - - ePKCS7Error = rb_define_class_under(mPKCS7, "PKCS7Error", eOSSLError); - - cPKCS7 = rb_define_class_under(mPKCS7, "PKCS7", rb_cObject); - rb_define_singleton_method(mPKCS7, "read_smime", ossl_pkcs7_s_read_smime, 1); - rb_define_singleton_method(mPKCS7, "write_smime", ossl_pkcs7_s_write_smime, -1); - rb_define_singleton_method(mPKCS7, "sign", ossl_pkcs7_s_sign, -1); - rb_define_singleton_method(mPKCS7, "encrypt", ossl_pkcs7_s_encrypt, -1); + cPKCS7 = rb_define_class_under(mOSSL, "PKCS7", rb_cObject); + ePKCS7Error = rb_define_class_under(cPKCS7, "PKCS7Error", eOSSLError); + rb_define_singleton_method(cPKCS7, "read_smime", ossl_pkcs7_s_read_smime, 1); + rb_define_singleton_method(cPKCS7, "write_smime", ossl_pkcs7_s_write_smime, -1); + rb_define_singleton_method(cPKCS7, "sign", ossl_pkcs7_s_sign, -1); + rb_define_singleton_method(cPKCS7, "encrypt", ossl_pkcs7_s_encrypt, -1); rb_attr(cPKCS7, rb_intern("data"), 1, 0, Qfalse); rb_attr(cPKCS7, rb_intern("error_string"), 1, 1, Qfalse); rb_define_alloc_func(cPKCS7, ossl_pkcs7_alloc); @@ -964,8 +988,8 @@ Init_ossl_pkcs7() rb_define_alias(cPKCS7, "to_s", "to_pem"); rb_define_method(cPKCS7, "to_der", ossl_pkcs7_to_der, 0); - cPKCS7Signer = rb_define_class_under(mPKCS7, "SignerInfo", rb_cObject); - rb_define_const(mPKCS7, "Signer", cPKCS7Signer); + cPKCS7Signer = rb_define_class_under(cPKCS7, "SignerInfo", rb_cObject); + rb_define_const(cPKCS7, "Signer", cPKCS7Signer); rb_define_alloc_func(cPKCS7Signer, ossl_pkcs7si_alloc); rb_define_method(cPKCS7Signer, "initialize", ossl_pkcs7si_initialize,3); rb_define_method(cPKCS7Signer, "issuer", ossl_pkcs7si_get_issuer, 0); @@ -973,14 +997,14 @@ Init_ossl_pkcs7() rb_define_method(cPKCS7Signer, "serial", ossl_pkcs7si_get_serial,0); rb_define_method(cPKCS7Signer,"signed_time",ossl_pkcs7si_get_signed_time,0); - cPKCS7Recipient = rb_define_class_under(mPKCS7,"RecipientInfo",rb_cObject); + cPKCS7Recipient = rb_define_class_under(cPKCS7,"RecipientInfo",rb_cObject); rb_define_alloc_func(cPKCS7Recipient, ossl_pkcs7ri_alloc); rb_define_method(cPKCS7Recipient, "initialize", ossl_pkcs7ri_initialize,1); rb_define_method(cPKCS7Recipient, "issuer", ossl_pkcs7ri_get_issuer,0); rb_define_method(cPKCS7Recipient, "serial", ossl_pkcs7ri_get_serial,0); rb_define_method(cPKCS7Recipient, "enc_key", ossl_pkcs7ri_get_enc_key,0); -#define DefPKCS7Const(x) rb_define_const(mPKCS7, #x, INT2NUM(PKCS7_##x)) +#define DefPKCS7Const(x) rb_define_const(cPKCS7, #x, INT2NUM(PKCS7_##x)) DefPKCS7Const(TEXT); DefPKCS7Const(NOCERTS); diff --git a/ext/openssl/ossl_pkcs7.h b/ext/openssl/ossl_pkcs7.h index f5942d65db..371c421103 100644 --- a/ext/openssl/ossl_pkcs7.h +++ b/ext/openssl/ossl_pkcs7.h @@ -11,7 +11,6 @@ #if !defined(_OSSL_PKCS7_H_) #define _OSSL_PKCS7_H_ -extern VALUE mPKCS7; extern VALUE cPKCS7; extern VALUE cPKCS7Signer; extern VALUE cPKCS7Recipient; -- cgit v1.2.3