Module: OpenSSL

Defined in:
lib/openssl/bn.rb,
lib/openssl/ssl.rb,
lib/openssl/pkey.rb,
lib/openssl/x509.rb,
lib/openssl/cipher.rb,
lib/openssl/config.rb,
lib/openssl/digest.rb,
ext/openssl/ossl.c,
ext/openssl/ossl_bn.c,
ext/openssl/ossl_ssl.c,
ext/openssl/ossl_asn1.c,
ext/openssl/ossl_hmac.c,
ext/openssl/ossl_ocsp.c,
ext/openssl/ossl_pkey.c,
ext/openssl/ossl_rand.c,
ext/openssl/ossl_x509.c,
ext/openssl/ossl_pkcs5.c,
ext/openssl/ossl_pkcs7.c,
ext/openssl/ossl_cipher.c,
ext/openssl/ossl_config.c,
ext/openssl/ossl_digest.c,
ext/openssl/ossl_engine.c,
ext/openssl/ossl_pkcs12.c,
ext/openssl/deprecation.rb,
ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509ext.c,
ext/openssl/ossl_x509req.c,
ext/openssl/ossl_x509attr.c,
ext/openssl/ossl_x509cert.c,
ext/openssl/ossl_x509name.c,
ext/openssl/ossl_x509store.c,
ext/openssl/ossl_ssl_session.c,
ext/openssl/ossl_x509revoked.c,
ext/openssl/ossl_ns_spki.c

Overview

Ruby-space predefined Digest subclasses

Info

‘OpenSSL for Ruby 2’ project Copyright © 2002 Michal Rokos <[email protected]> All rights reserved.

Licence

This program is licensed under the same licence as Ruby. (See the file ‘LICENCE’.) ++

Defined Under Namespace

Modules: ASN1, Buffering, ExtConfig, Netscape, OCSP, PKey, Random, SSL, X509 Classes: BN, BNError, Cipher, Config, ConfigError, Digest, Engine, HMAC, HMACError, OpenSSLError, PKCS12, PKCS5, PKCS7

Constant Summary collapse

VERSION =

OpenSSL ruby extension version

rb_str_new2(OSSL_VERSION)
OPENSSL_VERSION =

Version of OpenSSL the ruby OpenSSL extension was built with

rb_str_new2(OPENSSL_VERSION_TEXT)
OPENSSL_LIBRARY_VERSION =

Version of OpenSSL the ruby OpenSSL extension is running with

rb_str_new2(SSLeay_version(SSLEAY_VERSION))
OPENSSL_VERSION_NUMBER =

Version number of OpenSSL the ruby OpenSSL extension was built with (base 16)

INT2NUM(OPENSSL_VERSION_NUMBER)
OPENSSL_FIPS =
#ifdef OPENSSL_FIPS
		    Qtrue
#else
		    Qfalse
#endif

Class Method Summary collapse

Class Method Details

.check_func(func, header) ⇒ Object



18
19
20
# File 'ext/openssl/deprecation.rb', line 18

def self.check_func(func, header)
  have_func(func, header, deprecated_warning_flag)
end

.check_func_or_macro(func, header) ⇒ Object



22
23
24
25
# File 'ext/openssl/deprecation.rb', line 22

def self.check_func_or_macro(func, header)
  check_func(func, header) or
    have_macro(func, header) && $defs.push("-DHAVE_#{func.upcase}")
end

.debugObject



375
376
377
378
379
# File 'ext/openssl/ossl.c', line 375

static VALUE
ossl_debug_get(VALUE self)
{
    return dOSSL;
}

.debug=(boolean) ⇒ Boolean

Turns on or off debug mode. With debug mode, all erros added to the OpenSSL error queue will be printed to stderr.

Returns:

  • (Boolean)


388
389
390
391
392
393
394
# File 'ext/openssl/ossl.c', line 388

static VALUE
ossl_debug_set(VALUE self, VALUE val)
{
    dOSSL = RTEST(val) ? Qtrue : Qfalse;

    return val;
}

.deprecated_warning_flagObject



3
4
5
6
7
8
9
10
11
12
13
14
15
16
# File 'ext/openssl/deprecation.rb', line 3

def self.deprecated_warning_flag
  unless flag = (@deprecated_warning_flag ||= nil)
    if try_compile("", flag = "-Werror=deprecated-declarations")
      if with_config("broken-apple-openssl")
        flag = "-Wno-deprecated-declarations"
      end
      $warnflags << " #{flag}"
    else
      flag = ""
    end
    @deprecated_warning_flag = flag
  end
  flag
end

.Digest(name) ⇒ Object

Returns a Digest subclass by name.

require 'openssl'

OpenSSL::Digest("MD5")
# => OpenSSL::Digest::MD5

Digest("Foo")
# => NameError: wrong constant name Foo


72
73
74
# File 'lib/openssl/digest.rb', line 72

def Digest(name)
  OpenSSL::Digest.const_get(name)
end

.errorsArray

See any remaining errors held in queue.

Any errors you see here are probably due to a bug in ruby’s OpenSSL implementation.

Returns:

  • (Array)


336
337
338
339
340
341
342
343
344
345
346
347
348
# File 'ext/openssl/ossl.c', line 336

VALUE
ossl_get_errors(void)
{
    VALUE ary;
    long e;

    ary = rb_ary_new();
    while ((e = ERR_get_error()) != 0){
        rb_ary_push(ary, rb_str_new2(ERR_error_string(e, NULL)));
    }

    return ary;
}

.fips_mode=(boolean) ⇒ Boolean

Turns FIPS mode on or off. Turning on FIPS mode will obviously only have an effect for FIPS-capable installations of the OpenSSL library. Trying to do so otherwise will result in an error.

Examples

OpenSSL.fips_mode = true   # turn FIPS mode on
OpenSSL.fips_mode = false  # and off again

Returns:

  • (Boolean)


408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
# File 'ext/openssl/ossl.c', line 408

static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{

#ifdef OPENSSL_FIPS
    if (RTEST(enabled)) {
	int mode = FIPS_mode();
	if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
	    ossl_raise(eOSSLError, "Turning on FIPS mode failed");
    } else {
	if(!FIPS_mode_set(0)) /* turning off twice is OK */
	    ossl_raise(eOSSLError, "Turning off FIPS mode failed");
    }
    return enabled;
#else
    if (RTEST(enabled))
	ossl_raise(eOSSLError, "This version of OpenSSL does not support FIPS mode");
    return enabled;
#endif
}