Class: OpenSSL::X509::CRL
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Instance Chain:
|
|
| Inherits: | Object |
| Defined in: | ext/openssl/ossl_x509crl.c, ext/openssl/lib/openssl/x509.rb |
Class Method Summary
- .new(*args) constructor
Instance Attribute Summary
-
#extensions
rw
Gets X509v3 extensions as array of X509Ext objects.
-
#extensions=(ary)
rw
Sets X509_EXTENSIONs.
- #issuer rw
-
#issuer=(issuer)
rw
NO DUP - don’t free.
- #last_update rw
- #last_update=(time) rw
- #next_update rw
- #next_update=(time) rw
- #revoked rw
- #revoked=(ary) rw
- #version rw
- #version=(version) rw
Instance Method Summary
- #==(other)
- #add_extension(extension)
- #add_revoked(revoked)
- #initialize_copy(other)
- #sign(key, digest)
- #signature_algorithm
- #to_der
-
#to_pem
Alias for #to_s.
- #to_s (also: #to_pem)
- #to_text
- #verify(key)
Extension::AuthorityKeyIdentifier - Included
| #authority_key_identifier | Get the issuing certificate’s key identifier from the authorityKeyIdentifier extension, as described in RFC5280 Section 4.2.1.1. |
Extension::Helpers - Included
::OpenSSL::Marshal - Included
Constructor Details
.new(*args)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 92
static VALUE
ossl_x509crl_initialize(int argc, VALUE *argv, VALUE self)
{
BIO *in;
X509_CRL *crl, *crl_orig = RTYPEDDATA_DATA(self);
VALUE arg;
rb_check_frozen(self);
if (rb_scan_args(argc, argv, "01", &arg) == 0) {
return self;
}
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(&arg);
crl = d2i_X509_CRL_bio(in, NULL);
if (!crl) {
OSSL_BIO_reset(in);
crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
}
BIO_free(in);
if (!crl)
ossl_raise(eX509CRLError, "PEM_read_bio_X509_CRL");
RTYPEDDATA_DATA(self) = crl;
X509_CRL_free(crl_orig);
return self;
}
Instance Attribute Details
#extensions (rw)
Gets X509v3 extensions as array of X509Ext objects
# File 'ext/openssl/ossl_x509crl.c', line 438
static VALUE
ossl_x509crl_get_extensions(VALUE self)
{
X509_CRL *crl;
int count, i;
X509_EXTENSION *ext;
VALUE ary;
GetX509CRL(self, crl);
count = X509_CRL_get_ext_count(crl);
if (count < 0) {
OSSL_Debug("count < 0???");
return rb_ary_new();
}
ary = rb_ary_new2(count);
for (i=0; i<count; i++) {
ext = X509_CRL_get_ext(crl, i); /* NO DUP - don't free! */
rb_ary_push(ary, ossl_x509ext_new(ext));
}
return ary;
}
#extensions=(ary) (rw)
Sets X509_EXTENSIONs
# File 'ext/openssl/ossl_x509crl.c', line 464
static VALUE
ossl_x509crl_set_extensions(VALUE self, VALUE ary)
{
X509_CRL *crl;
X509_EXTENSION *ext;
long i;
Check_Type(ary, T_ARRAY);
/* All ary members should be X509 Extensions */
for (i=0; i<RARRAY_LEN(ary); i++) {
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
}
GetX509CRL(self, crl);
for (i = X509_CRL_get_ext_count(crl); i > 0; i--)
X509_EXTENSION_free(X509_CRL_delete_ext(crl, 0));
for (i=0; i<RARRAY_LEN(ary); i++) {
ext = GetX509ExtPtr(RARRAY_AREF(ary, i)); /* NO NEED TO DUP */
if (!X509_CRL_add_ext(crl, ext, -1)) {
ossl_raise(eX509CRLError, "X509_CRL_add_ext");
}
}
return ary;
}
#issuer (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 187
static VALUE
ossl_x509crl_get_issuer(VALUE self)
{
X509_CRL *crl;
GetX509CRL(self, crl);
return ossl_x509name_new(X509_CRL_get_issuer(crl)); /* NO DUP - don't free */
}
#issuer=(issuer) (rw)
NO DUP - don’t free
# File 'ext/openssl/ossl_x509crl.c', line 197
static VALUE
ossl_x509crl_set_issuer(VALUE self, VALUE issuer)
{
X509_CRL *crl;
GetX509CRL(self, crl);
if (!X509_CRL_set_issuer_name(crl, GetX509NamePtr(issuer))) { /* DUPs name */
ossl_raise(eX509CRLError, NULL);
}
return issuer;
}
#last_update (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 210
static VALUE
ossl_x509crl_get_last_update(VALUE self)
{
X509_CRL *crl;
const ASN1_TIME *time;
GetX509CRL(self, crl);
time = X509_CRL_get0_lastUpdate(crl);
if (!time)
return Qnil;
return asn1time_to_time(time);
}
#last_update=(time) (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 224
static VALUE
ossl_x509crl_set_last_update(VALUE self, VALUE time)
{
X509_CRL *crl;
ASN1_TIME *asn1time;
GetX509CRL(self, crl);
asn1time = ossl_x509_time_adjust(NULL, time);
if (!X509_CRL_set1_lastUpdate(crl, asn1time)) {
ASN1_TIME_free(asn1time);
ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate");
}
ASN1_TIME_free(asn1time);
return time;
}
#next_update (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 241
static VALUE
ossl_x509crl_get_next_update(VALUE self)
{
X509_CRL *crl;
const ASN1_TIME *time;
GetX509CRL(self, crl);
time = X509_CRL_get0_nextUpdate(crl);
if (!time)
return Qnil;
return asn1time_to_time(time);
}
#next_update=(time) (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 255
static VALUE
ossl_x509crl_set_next_update(VALUE self, VALUE time)
{
X509_CRL *crl;
ASN1_TIME *asn1time;
GetX509CRL(self, crl);
asn1time = ossl_x509_time_adjust(NULL, time);
if (!X509_CRL_set1_nextUpdate(crl, asn1time)) {
ASN1_TIME_free(asn1time);
ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate");
}
ASN1_TIME_free(asn1time);
return time;
}
#revoked (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 272
static VALUE
ossl_x509crl_get_revoked(VALUE self)
{
X509_CRL *crl;
int i, num;
X509_REVOKED *rev;
VALUE ary, revoked;
GetX509CRL(self, crl);
num = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
if (num < 0) {
OSSL_Debug("num < 0???");
return rb_ary_new();
}
ary = rb_ary_new2(num);
for(i=0; i<num; i++) {
/* NO DUP - don't free! */
rev = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
revoked = ossl_x509revoked_new(rev);
rb_ary_push(ary, revoked);
}
return ary;
}
#revoked=(ary) (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 297
static VALUE
ossl_x509crl_set_revoked(VALUE self, VALUE ary)
{
X509_CRL *crl;
X509_REVOKED *rev;
STACK_OF(X509_REVOKED) *sk;
long i;
Check_Type(ary, T_ARRAY);
/* All ary members should be X509 Revoked */
for (i=0; i<RARRAY_LEN(ary); i++) {
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Rev);
}
GetX509CRL(self, crl);
if ((sk = X509_CRL_get_REVOKED(crl))) {
while ((rev = sk_X509_REVOKED_pop(sk)))
X509_REVOKED_free(rev);
}
for (i=0; i<RARRAY_LEN(ary); i++) {
rev = DupX509RevokedPtr(RARRAY_AREF(ary, i));
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
X509_REVOKED_free(rev);
ossl_raise(eX509CRLError, "X509_CRL_add0_revoked");
}
}
X509_CRL_sort(crl);
return ary;
}
#version (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 138
static VALUE
ossl_x509crl_get_version(VALUE self)
{
X509_CRL *crl;
long ver;
GetX509CRL(self, crl);
ver = X509_CRL_get_version(crl);
return LONG2NUM(ver);
}
#version=(version) (rw)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 150
static VALUE
ossl_x509crl_set_version(VALUE self, VALUE version)
{
X509_CRL *crl;
long ver;
if ((ver = NUM2LONG(version)) < 0) {
ossl_raise(eX509CRLError, "version must be >= 0!");
}
GetX509CRL(self, crl);
if (!X509_CRL_set_version(crl, ver)) {
ossl_raise(eX509CRLError, NULL);
}
return version;
}
Instance Method Details
#==(other)
[ GitHub ]#add_extension(extension)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 489
static VALUE
ossl_x509crl_add_extension(VALUE self, VALUE extension)
{
X509_CRL *crl;
X509_EXTENSION *ext;
GetX509CRL(self, crl);
ext = GetX509ExtPtr(extension);
if (!X509_CRL_add_ext(crl, ext, -1)) {
ossl_raise(eX509CRLError, NULL);
}
return extension;
}
#add_revoked(revoked)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 327
static VALUE
ossl_x509crl_add_revoked(VALUE self, VALUE revoked)
{
X509_CRL *crl;
X509_REVOKED *rev;
GetX509CRL(self, crl);
rev = DupX509RevokedPtr(revoked);
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
X509_REVOKED_free(rev);
ossl_raise(eX509CRLError, "X509_CRL_add0_revoked");
}
X509_CRL_sort(crl);
return revoked;
}
#initialize_copy(other)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 120
static VALUE
ossl_x509crl_copy(VALUE self, VALUE other)
{
X509_CRL *a, *b, *crl;
rb_check_frozen(self);
if (self == other) return self;
GetX509CRL(self, a);
GetX509CRL(other, b);
if (!(crl = X509_CRL_dup(b))) {
ossl_raise(eX509CRLError, NULL);
}
X509_CRL_free(a);
DATA_PTR(self) = crl;
return self;
}
#sign(key, digest)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 344
static VALUE
ossl_x509crl_sign(VALUE self, VALUE key, VALUE digest)
{
X509_CRL *crl;
EVP_PKEY *pkey;
const EVP_MD *md;
GetX509CRL(self, crl);
pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
md = ossl_evp_get_digestbyname(digest);
if (!X509_CRL_sign(crl, pkey, md)) {
ossl_raise(eX509CRLError, NULL);
}
return self;
}
#signature_algorithm
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 167
static VALUE
ossl_x509crl_get_signature_algorithm(VALUE self)
{
X509_CRL *crl;
const X509_ALGOR *alg;
BIO *out;
GetX509CRL(self, crl);
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eX509CRLError, NULL);
}
X509_CRL_get0_signature(crl, NULL, &alg);
if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
BIO_free(out);
ossl_raise(eX509CRLError, NULL);
}
return ossl_membio2str(out);
}
#to_der
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 381
static VALUE
ossl_x509crl_to_der(VALUE self)
{
X509_CRL *crl;
BIO *out;
GetX509CRL(self, crl);
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eX509CRLError, NULL);
}
if (!i2d_X509_CRL_bio(out, crl)) {
BIO_free(out);
ossl_raise(eX509CRLError, NULL);
}
return ossl_membio2str(out);
}
#to_pem
Alias for #to_s.
#to_s Also known as: #to_pem
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 399
static VALUE
ossl_x509crl_to_pem(VALUE self)
{
X509_CRL *crl;
BIO *out;
GetX509CRL(self, crl);
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eX509CRLError, NULL);
}
if (!PEM_write_bio_X509_CRL(out, crl)) {
BIO_free(out);
ossl_raise(eX509CRLError, NULL);
}
return ossl_membio2str(out);
}
#to_text
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 417
static VALUE
ossl_x509crl_to_text(VALUE self)
{
X509_CRL *crl;
BIO *out;
GetX509CRL(self, crl);
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eX509CRLError, NULL);
}
if (!X509_CRL_print(out, crl)) {
BIO_free(out);
ossl_raise(eX509CRLError, NULL);
}
return ossl_membio2str(out);
}
#verify(key)
[ GitHub ]# File 'ext/openssl/ossl_x509crl.c', line 361
static VALUE
ossl_x509crl_verify(VALUE self, VALUE key)
{
X509_CRL *crl;
EVP_PKEY *pkey;
GetX509CRL(self, crl);
pkey = GetPKeyPtr(key);
ossl_pkey_check_public_key(pkey);
switch (X509_CRL_verify(crl, pkey)) {
case 1:
return Qtrue;
case 0:
ossl_clear_error();
return Qfalse;
default:
ossl_raise(eX509CRLError, NULL);
}
}