Module: OpenSSL
- Defined in:
- lib/openssl/bn.rb,
lib/openssl/ssl.rb,
lib/openssl/x509.rb,
lib/openssl/pkcs5.rb,
lib/openssl/cipher.rb,
lib/openssl/config.rb,
lib/openssl/digest.rb,
ext/openssl/ossl.c,
ext/openssl/ossl_bn.c,
ext/openssl/ossl_kdf.c,
ext/openssl/ossl_ssl.c,
ext/openssl/ossl_asn1.c,
ext/openssl/ossl_hmac.c,
ext/openssl/ossl_ocsp.c,
ext/openssl/ossl_pkey.c,
ext/openssl/ossl_rand.c,
ext/openssl/ossl_x509.c,
ext/openssl/ossl_pkcs7.c,
ext/openssl/ossl_cipher.c,
ext/openssl/ossl_config.c,
ext/openssl/ossl_digest.c,
ext/openssl/ossl_engine.c,
ext/openssl/ossl_pkcs12.c,
ext/openssl/deprecation.rb,
ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509ext.c,
ext/openssl/ossl_x509req.c,
ext/openssl/ossl_x509attr.c,
ext/openssl/ossl_x509cert.c,
ext/openssl/ossl_x509name.c,
ext/openssl/ossl_x509store.c,
ext/openssl/ossl_ssl_session.c,
ext/openssl/ossl_x509revoked.c,
ext/openssl/ossl_ns_spki.c
Overview
–
Ruby-space predefined Digest subclasses
Info
‘OpenSSL for Ruby 2’ project Copyright © 2002 Michal Rokos <[email protected]> All rights reserved.
Licence
This program is licensed under the same licence as Ruby. (See the file ‘LICENCE’.) ++
Defined Under Namespace
Modules: ASN1, Buffering, ExtConfig, KDF, Netscape, OCSP, PKCS5, PKey, Random, SSL, X509 Classes: BN, BNError, Cipher, Config, ConfigError, Digest, Engine, HMAC, HMACError, OpenSSLError, PKCS12, PKCS7
Constant Summary collapse
- VERSION =
OpenSSL ruby extension version
rb_str_new2(OSSL_VERSION)
- OPENSSL_VERSION =
Version of OpenSSL the ruby OpenSSL extension was built with
rb_str_new2(OPENSSL_VERSION_TEXT)
- OPENSSL_LIBRARY_VERSION =
rb_str_new2(SSLeay_version(SSLEAY_VERSION))
- OPENSSL_VERSION_NUMBER =
Version number of OpenSSL the ruby OpenSSL extension was built with (base 16)
INT2NUM(OPENSSL_VERSION_NUMBER)
- OPENSSL_FIPS =
#ifdef OPENSSL_FIPS Qtrue #else Qfalse #endif
Class Method Summary collapse
- .check_func(func, header) ⇒ Object
- .check_func_or_macro(func, header) ⇒ Object
- .debug ⇒ Object
-
.debug=(boolean) ⇒ Boolean
Turns on or off debug mode.
- .deprecated_warning_flag ⇒ Object
-
.Digest(name) ⇒ Object
Returns a Digest subclass by name.
-
.errors ⇒ Array
See any remaining errors held in queue.
-
.fips_mode ⇒ Object
call-seq OpenSSL.fips_mode -> true | false.
-
.fips_mode=(boolean) ⇒ Boolean
Turns FIPS mode on or off.
-
.mem_check_start ⇒ nil
Calls CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON).
-
.print_mem_leaks ⇒ Object
For debugging the Ruby/OpenSSL library.
Class Method Details
.check_func(func, header) ⇒ Object
15 16 17 |
# File 'ext/openssl/deprecation.rb', line 15 def self.check_func(func, header) have_func(func, header, deprecated_warning_flag) end |
.check_func_or_macro(func, header) ⇒ Object
19 20 21 22 |
# File 'ext/openssl/deprecation.rb', line 19 def self.check_func_or_macro(func, header) check_func(func, header) or have_macro(func, header) && $defs.push("-DHAVE_#{func.upcase}") end |
.debug ⇒ Object
379 380 381 382 383 |
# File 'ext/openssl/ossl.c', line 379
static VALUE
ossl_debug_get(VALUE self)
{
return dOSSL;
}
|
.debug=(boolean) ⇒ Boolean
Turns on or off debug mode. With debug mode, all erros added to the OpenSSL error queue will be printed to stderr.
392 393 394 395 396 397 398 |
# File 'ext/openssl/ossl.c', line 392
static VALUE
ossl_debug_set(VALUE self, VALUE val)
{
dOSSL = RTEST(val) ? Qtrue : Qfalse;
return val;
}
|
.deprecated_warning_flag ⇒ Object
3 4 5 6 7 8 9 10 11 12 13 |
# File 'ext/openssl/deprecation.rb', line 3 def self.deprecated_warning_flag unless flag = (@deprecated_warning_flag ||= nil) if try_compile("", flag = "-Werror=deprecated-declarations") $warnflags << " #{flag}" else flag = "" end @deprecated_warning_flag = flag end flag end |
.Digest(name) ⇒ Object
69 70 71 |
# File 'lib/openssl/digest.rb', line 69 def Digest(name) OpenSSL::Digest.const_get(name) end |
.errors ⇒ Array
See any remaining errors held in queue.
Any errors you see here are probably due to a bug in Ruby’s OpenSSL implementation.
340 341 342 343 344 345 346 347 348 349 350 351 352 |
# File 'ext/openssl/ossl.c', line 340
VALUE
ossl_get_errors(void)
{
VALUE ary;
long e;
ary = rb_ary_new();
while ((e = ERR_get_error()) != 0){
rb_ary_push(ary, rb_str_new2(ERR_error_string(e, NULL)));
}
return ary;
}
|
.fips_mode ⇒ Object
call-seq
OpenSSL.fips_mode -> true | false
404 405 406 407 408 409 410 411 412 413 414 415 |
# File 'ext/openssl/ossl.c', line 404
static VALUE
ossl_fips_mode_get(VALUE self)
{
#ifdef OPENSSL_FIPS
VALUE enabled;
enabled = FIPS_mode() ? Qtrue : Qfalse;
return enabled;
#else
return Qfalse;
#endif
}
|
.fips_mode=(boolean) ⇒ Boolean
429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 |
# File 'ext/openssl/ossl.c', line 429
static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{
#ifdef OPENSSL_FIPS
if (RTEST(enabled)) {
int mode = FIPS_mode();
if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
ossl_raise(eOSSLError, "Turning on FIPS mode failed");
} else {
if(!FIPS_mode_set(0)) /* turning off twice is OK */
ossl_raise(eOSSLError, "Turning off FIPS mode failed");
}
return enabled;
#else
if (RTEST(enabled))
ossl_raise(eOSSLError, "This version of OpenSSL does not support FIPS mode");
return enabled;
#endif
}
|
.mem_check_start ⇒ nil
Calls CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON). Starts tracking memory allocations. See also OpenSSL.print_mem_leaks.
This is available only when built with a capable OpenSSL and –enable-debug configure option.
464 465 466 467 468 469 |
# File 'ext/openssl/ossl.c', line 464
static VALUE
mem_check_start(VALUE self)
{
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
return Qnil;
}
|
.print_mem_leaks ⇒ Object
For debugging the Ruby/OpenSSL library. Calls CRYPTO_mem_leaks_fp(stderr). Prints detected memory leaks to standard error. This cleans the global state up thus you cannot use any methods of the library after calling this.
Returns true
if leaks detected, false
otherwise.
This is available only when built with a capable OpenSSL and –enable-debug configure option.
Example
OpenSSL.mem_check_start
NOT_GCED = OpenSSL::PKey::RSA.new(256)
END {
GC.start
OpenSSL.print_mem_leaks # will print the leakage
}
493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 |
# File 'ext/openssl/ossl.c', line 493
static VALUE
print_mem_leaks(VALUE self)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000
int ret;
#endif
BN_CTX_free(ossl_bn_ctx);
ossl_bn_ctx = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000
ret = CRYPTO_mem_leaks_fp(stderr);
if (ret < 0)
ossl_raise(eOSSLError, "CRYPTO_mem_leaks_fp");
return ret ? Qfalse : Qtrue;
#else
CRYPTO_mem_leaks_fp(stderr);
return Qnil;
#endif
}
|