Class: OpenSSL::X509::StoreContext
- Inherits:
-
Object
- Object
- OpenSSL::X509::StoreContext
- Defined in:
- ext/openssl/ossl_x509store.c,
lib/openssl/x509.rb,
ext/openssl/ossl_x509store.c
Overview
A StoreContext is used while validating a single certificate and holds the state of that verification.
Instance Method Summary collapse
- #chain ⇒ Array of X509::Certificate
- #cleanup ⇒ Object
- #current_cert ⇒ X509::Certificate
- #current_crl ⇒ X509::CRL
- #error ⇒ Integer
- #error=(error_code) ⇒ Object
- #error_depth ⇒ Integer
-
#error_string ⇒ String
Returns the error string corresponding to the error code retrieved by #error.
-
#flags=(flags) ⇒ Object
Sets the verification flags on the context.
- #new(store, cert = nil, chain = nil) ⇒ Object constructor
-
#purpose=(purpose) ⇒ Object
Sets the purpose of the context.
-
#time=(time) ⇒ Object
Sets the time used in the verification.
- #trust=(trust) ⇒ Object
- #verify ⇒ Object
Constructor Details
#new(store, cert = nil, chain = nil) ⇒ Object
# File 'ext/openssl/ossl_x509store.c', line 544
/*
 * Backs StoreContext#new(store, cert = nil, chain = nil).
 *
 * Initializes the wrapped X509_STORE_CTX from the given store, an optional
 * certificate and an optional array of chain certificates, then copies the
 * store's @time (when it is not nil) and @verify_callback onto this object.
 *
 * Raises eX509StoreError if X509_STORE_CTX_init() does not return 1.
 */
static VALUE
ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self)
{
    X509_STORE_CTX *ctx;
    X509_STORE *x509st;
    X509 *x509 = NULL;
    STACK_OF(X509) *x509s = NULL;
    VALUE store, cert, chain, t;

    /* "12": one mandatory argument followed by up to two optional ones. */
    rb_scan_args(argc, argv, "12", &store, &cert, &chain);
    GetX509StCtx(self, ctx);
    SafeGetX509Store(store, x509st);

    if (!NIL_P(cert)) {
        x509 = DupX509CertPtr(cert); /* NEED TO DUP */
    }
    if (!NIL_P(chain)) {
        x509s = ossl_x509_ary2sk(chain);
    }

    if (X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1) {
        /*
         * NOTE(review): only the chain stack is released on this path. Who
         * owns the duplicated x509 (and whether ctx still points at x509s
         * after a failed init) is not visible in this listing; check the
         * context's free routine to rule out a leak or a double free.
         */
        sk_X509_pop_free(x509s, X509_free);
        ossl_raise(eX509StoreError, NULL);
    }

    /* Inherit the verification time configured on the store, if any. */
    t = rb_iv_get(store, "@time");
    if (!NIL_P(t)) {
        ossl_x509stctx_set_time(self, t);
    }
    rb_iv_set(self, "@verify_callback", rb_iv_get(store, "@verify_callback"));
    rb_iv_set(self, "@cert", cert);

    return self;
}
Instance Method Details
#chain ⇒ Array of X509::Certificate
# File 'ext/openssl/ossl_x509store.c', line 598
/*
 * Backs StoreContext#chain.
 *
 * Returns nil when the context holds no chain, an empty Array when the stack
 * reports a negative size, and otherwise an Array with one object per chain
 * entry, each produced by ossl_x509_new().
 *
 * NOTE(review): nothing here checks that verification succeeded, so callers
 * should treat the returned chain as validated only if #verify returned true.
 */
static VALUE
ossl_x509stctx_get_chain(VALUE self)
{
    X509_STORE_CTX *ctx;
    STACK_OF(X509) *certs;
    VALUE result;
    int count, idx;

    GetX509StCtx(self, ctx);

    certs = X509_STORE_CTX_get0_chain(ctx);
    if (certs == NULL) {
        return Qnil;
    }

    count = sk_X509_num(certs);
    if (count < 0) {
        OSSL_Debug("certs in chain < 0???");
        return rb_ary_new();
    }

    /* Pre-size the Array, then wrap each stack entry in order. */
    result = rb_ary_new2(count);
    for (idx = 0; idx < count; idx++) {
        rb_ary_push(result, ossl_x509_new(sk_X509_value(certs, idx)));
    }

    return result;
}
#cleanup ⇒ Object
# File 'lib/openssl/x509.rb', line 158
# Deprecated: performs no cleanup. When $VERBOSE is set it prints a
# deprecation warning that names the first caller frame.
def cleanup
  return unless $VERBOSE

  message = "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement"
  warn message
end
#current_cert ⇒ X509::Certificate
# File 'ext/openssl/ossl_x509store.c', line 689
/*
 * Backs StoreContext#current_cert.
 *
 * Wraps the certificate reported by X509_STORE_CTX_get_current_cert() with
 * ossl_x509_new() and returns the result.
 *
 * NOTE(review): unlike ossl_x509stctx_get_curr_crl(), there is no NULL check
 * here; what is returned when the context has no current certificate depends
 * on how ossl_x509_new() treats NULL -- confirm.
 */
static VALUE
ossl_x509stctx_get_curr_cert(VALUE self)
{
    X509_STORE_CTX *ctx;
    X509 *current;

    GetX509StCtx(self, ctx);
    current = X509_STORE_CTX_get_current_cert(ctx);

    return ossl_x509_new(current);
}
#current_crl ⇒ X509::CRL
# File 'ext/openssl/ossl_x509store.c', line 703
/*
 * Backs StoreContext#current_crl.
 *
 * Returns nil when X509_STORE_CTX_get0_current_crl() yields NULL, otherwise
 * the CRL wrapped by ossl_x509crl_new().
 */
static VALUE
ossl_x509stctx_get_curr_crl(VALUE self)
{
    X509_STORE_CTX *ctx;
    X509_CRL *current;

    GetX509StCtx(self, ctx);
    current = X509_STORE_CTX_get0_current_crl(ctx);

    return current ? ossl_x509crl_new(current) : Qnil;
}
#error ⇒ Integer
# File 'ext/openssl/ossl_x509store.c', line 628
/*
 * Backs StoreContext#error.
 *
 * Returns the context's current verification error code, as reported by
 * X509_STORE_CTX_get_error(), converted to a Ruby Integer.
 */
static VALUE
ossl_x509stctx_get_err(VALUE self)
{
    X509_STORE_CTX *ctx;
    int code;

    GetX509StCtx(self, ctx);
    code = X509_STORE_CTX_get_error(ctx);

    return INT2NUM(code);
}
#error=(error_code) ⇒ Object
# File 'ext/openssl/ossl_x509store.c', line 642
/*
 * Backs StoreContext#error=(error_code).
 *
 * Converts the argument to a C int and stores it as the context's error code
 * via X509_STORE_CTX_set_error(). Returns the argument unchanged.
 *
 * NOTE(review): the value is stored without any validation, so a caller can
 * replace a failure code with any integer. Audit call sites that assign
 * #error= (for example inside verify callbacks) when reviewing how
 * verification results are reported.
 */
static VALUE
ossl_x509stctx_set_error(VALUE self, VALUE err)
{
    X509_STORE_CTX *ctx;
    int code;

    GetX509StCtx(self, ctx);
    /* Converted only after the context lookup, as in the original order. */
    code = NUM2INT(err);
    X509_STORE_CTX_set_error(ctx, code);

    return err;
}
#error_depth ⇒ Integer
# File 'ext/openssl/ossl_x509store.c', line 675
/*
 * Backs StoreContext#error_depth.
 *
 * Returns the value of X509_STORE_CTX_get_error_depth() for this context as a
 * Ruby Integer.
 */
static VALUE
ossl_x509stctx_get_err_depth(VALUE self)
{
    X509_STORE_CTX *ctx;
    int depth;

    GetX509StCtx(self, ctx);
    depth = X509_STORE_CTX_get_error_depth(ctx);

    return INT2NUM(depth);
}
#error_string ⇒ String
Returns the error string corresponding to the error code retrieved by #error.
# File 'ext/openssl/ossl_x509store.c', line 659
/*
 * Backs StoreContext#error_string.
 *
 * Reads the context's current error code and returns the matching text from
 * X509_verify_cert_error_string() as a new Ruby String.
 */
static VALUE
ossl_x509stctx_get_err_string(VALUE self)
{
    X509_STORE_CTX *ctx;
    const char *text;
    long err;

    GetX509StCtx(self, ctx);
    err = X509_STORE_CTX_get_error(ctx);
    text = X509_verify_cert_error_string(err);

    return rb_str_new2(text);
}
#flags=(flags) ⇒ Object
Sets the verification flags on the context. See Store#flags=.
# File 'ext/openssl/ossl_x509store.c', line 723
/*
 * Backs StoreContext#flags=(flags).
 *
 * Converts the argument to a C long and passes it to
 * X509_STORE_CTX_set_flags(). Returns the argument unchanged.
 */
static VALUE
ossl_x509stctx_set_flags(VALUE self, VALUE flags)
{
    X509_STORE_CTX *ctx;
    long bits;

    /* The conversion runs before the context lookup, as in the original. */
    bits = NUM2LONG(flags);
    GetX509StCtx(self, ctx);
    X509_STORE_CTX_set_flags(ctx, bits);

    return flags;
}
#purpose=(purpose) ⇒ Object
Sets the purpose of the context. See Store#purpose=.
# File 'ext/openssl/ossl_x509store.c', line 741
/*
 * Backs StoreContext#purpose=(purpose).
 *
 * Converts the argument to a C int and passes it to
 * X509_STORE_CTX_set_purpose(). Returns the argument unchanged.
 *
 * NOTE(review): the result of X509_STORE_CTX_set_purpose() is discarded, so a
 * purpose id that OpenSSL rejects is not reported to the caller and the
 * context keeps whatever purpose it had. Confirm whether a failure should
 * raise instead.
 */
static VALUE
ossl_x509stctx_set_purpose(VALUE self, VALUE purpose)
{
    X509_STORE_CTX *ctx;
    int id;

    /* The conversion runs before the context lookup, as in the original. */
    id = NUM2INT(purpose);
    GetX509StCtx(self, ctx);
    X509_STORE_CTX_set_purpose(ctx, id);

    return purpose;
}
#time=(time) ⇒ Object
Sets the time used in the verification. If not set, the current time is used.
# File 'ext/openssl/ossl_x509store.c', line 775
/*
 * Backs StoreContext#time=(time).
 *
 * Coerces the argument with rb_Integer(), converts it to a C long and hands
 * it to X509_STORE_CTX_set_time() with 0 as the middle argument. Returns the
 * original argument.
 *
 * NOTE(review): this value replaces the time used for verification, so it
 * decides which certificates count as expired or not yet valid. It should
 * come from a trusted source, never from peer- or user-supplied data.
 */
static VALUE
ossl_x509stctx_set_time(VALUE self, VALUE time)
{
    X509_STORE_CTX *ctx;
    long seconds;

    /* The conversion runs before the context lookup, as in the original. */
    seconds = NUM2LONG(rb_Integer(time));
    GetX509StCtx(self, ctx);
    X509_STORE_CTX_set_time(ctx, 0, seconds);

    return time;
}
#trust=(trust) ⇒ Object
# File 'ext/openssl/ossl_x509store.c', line 757
/*
 * Backs StoreContext#trust=(trust).
 *
 * Converts the argument to a C int and passes it to
 * X509_STORE_CTX_set_trust(). Returns the argument unchanged.
 *
 * NOTE(review): the result of X509_STORE_CTX_set_trust() is discarded, so a
 * trust id that OpenSSL rejects is not reported to the caller. Confirm
 * whether a failure should raise instead.
 */
static VALUE
ossl_x509stctx_set_trust(VALUE self, VALUE trust)
{
    X509_STORE_CTX *ctx;
    int id;

    /* The conversion runs before the context lookup, as in the original. */
    id = NUM2INT(trust);
    GetX509StCtx(self, ctx);
    X509_STORE_CTX_set_trust(ctx, id);

    return trust;
}
#verify ⇒ Object
# File 'ext/openssl/ossl_x509store.c', line 574
/*
 * Backs StoreContext#verify.
 *
 * Attaches this object's @verify_callback to the context as ex_data under
 * stctx_ex_verify_cb_idx, then runs X509_verify_cert().
 *
 * Returns true only when X509_verify_cert() returns 1. On 0 it clears the
 * OpenSSL error queue and returns false; the failure reason is then available
 * through #error, #error_string and #error_depth. Any other result raises
 * eX509CertError.
 *
 * Callers must check the boolean result: a failed verification is reported
 * by the false return value, not by an exception.
 */
static VALUE
ossl_x509stctx_verify(VALUE self)
{
    X509_STORE_CTX *ctx;
    VALUE callback;
    int result;

    GetX509StCtx(self, ctx);

    /* The Ruby callback object travels through OpenSSL as an opaque pointer. */
    callback = rb_iv_get(self, "@verify_callback");
    X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, (void *)callback);

    result = X509_verify_cert(ctx);
    if (result == 1) {
        return Qtrue;
    }
    if (result == 0) {
        ossl_clear_error();
        return Qfalse;
    }
    ossl_raise(eX509CertError, NULL);
}