Class: OpenSSL::X509::StoreContext
- Inherits:
-
Object
- Object
- OpenSSL::X509::StoreContext
- Defined in:
- ext/rubysl/openssl/ossl_x509store.c,
lib/openssl/x509.rb,
ext/rubysl/openssl/ossl_x509store.c
Overview
A StoreContext is used while validating a single certificate and holds the status involved.
Instance Method Summary collapse
- #chain ⇒ Array of X509::Certificate
- #cleanup ⇒ Object
- #current_cert ⇒ X509::Certificate
- #current_crl ⇒ X509::CRL
- #error ⇒ Integer
- #error=(error_code) ⇒ Object
- #error_depth ⇒ Integer
-
#error_string ⇒ String
Returns the error string corresponding to the error code retrieved by #error.
-
#flags=(flags) ⇒ Object
Sets the verification flags to the context.
- #new(store, cert = nil, chain = nil) ⇒ Object constructor
-
#purpose=(purpose) ⇒ Object
Sets the purpose of the context.
-
#time=(time) ⇒ Object
Sets the time used in the verification.
- #trust=(trust) ⇒ Object
- #verify ⇒ Object
Constructor Details
#new(store, cert = nil, chain = nil) ⇒ Object
553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 553 static VALUE ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) { VALUE store, cert, chain, t; X509_STORE_CTX *ctx; X509_STORE *x509st; X509 *x509 = NULL; STACK_OF(X509) *x509s = NULL; rb_scan_args(argc, argv, "12", &store, &cert, &chain); GetX509StCtx(self, ctx); SafeGetX509Store(store, x509st); if(!NIL_P(cert)) x509 = DupX509CertPtr(cert); /* NEED TO DUP */ if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain); if(X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){ sk_X509_pop_free(x509s, X509_free); ossl_raise(eX509StoreError, NULL); } if (!NIL_P(t = rb_iv_get(store, "@time"))) ossl_x509stctx_set_time(self, t); rb_iv_set(self, "@verify_callback", rb_iv_get(store, "@verify_callback")); rb_iv_set(self, "@cert", cert); return self; } |
Instance Method Details
#chain ⇒ Array of X509::Certificate
607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 607 static VALUE ossl_x509stctx_get_chain(VALUE self) { X509_STORE_CTX *ctx; STACK_OF(X509) *chain; X509 *x509; int i, num; VALUE ary; GetX509StCtx(self, ctx); if((chain = X509_STORE_CTX_get0_chain(ctx)) == NULL){ return Qnil; } if((num = sk_X509_num(chain)) < 0){ OSSL_Debug("certs in chain < 0???"); return rb_ary_new(); } ary = rb_ary_new2(num); for(i = 0; i < num; i++) { x509 = sk_X509_value(chain, i); rb_ary_push(ary, ossl_x509_new(x509)); } return ary; } |
#cleanup ⇒ Object
158 159 160 |
# File 'lib/openssl/x509.rb', line 158 def cleanup warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE end |
#current_cert ⇒ X509::Certificate
698 699 700 701 702 703 704 705 706 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 698 static VALUE ossl_x509stctx_get_curr_cert(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); return ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx)); } |
#current_crl ⇒ X509::CRL
712 713 714 715 716 717 718 719 720 721 722 723 724 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 712 static VALUE ossl_x509stctx_get_curr_crl(VALUE self) { X509_STORE_CTX *ctx; X509_CRL *crl; GetX509StCtx(self, ctx); crl = X509_STORE_CTX_get0_current_crl(ctx); if (!crl) return Qnil; return ossl_x509crl_new(crl); } |
#error ⇒ Integer
637 638 639 640 641 642 643 644 645 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 637 static VALUE ossl_x509stctx_get_err(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); return INT2NUM(X509_STORE_CTX_get_error(ctx)); } |
#error=(error_code) ⇒ Object
651 652 653 654 655 656 657 658 659 660 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 651 static VALUE ossl_x509stctx_set_error(VALUE self, VALUE err) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); X509_STORE_CTX_set_error(ctx, NUM2INT(err)); return err; } |
#error_depth ⇒ Integer
684 685 686 687 688 689 690 691 692 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 684 static VALUE ossl_x509stctx_get_err_depth(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); return INT2NUM(X509_STORE_CTX_get_error_depth(ctx)); } |
#error_string ⇒ String
Returns the error string corresponding to the error code retrieved by #error.
668 669 670 671 672 673 674 675 676 677 678 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 668 static VALUE ossl_x509stctx_get_err_string(VALUE self) { X509_STORE_CTX *ctx; long err; GetX509StCtx(self, ctx); err = X509_STORE_CTX_get_error(ctx); return rb_str_new2(X509_verify_cert_error_string(err)); } |
#flags=(flags) ⇒ Object
Sets the verification flags to the context. See Store#flags=.
732 733 734 735 736 737 738 739 740 741 742 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 732 static VALUE ossl_x509stctx_set_flags(VALUE self, VALUE flags) { X509_STORE_CTX *store; long f = NUM2LONG(flags); GetX509StCtx(self, store); X509_STORE_CTX_set_flags(store, f); return flags; } |
#purpose=(purpose) ⇒ Object
Sets the purpose of the context. See Store#purpose=.
750 751 752 753 754 755 756 757 758 759 760 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 750 static VALUE ossl_x509stctx_set_purpose(VALUE self, VALUE purpose) { X509_STORE_CTX *store; int p = NUM2INT(purpose); GetX509StCtx(self, store); X509_STORE_CTX_set_purpose(store, p); return purpose; } |
#time=(time) ⇒ Object
Sets the time used in the verification. If not set, the current time is used.
784 785 786 787 788 789 790 791 792 793 794 795 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 784 static VALUE ossl_x509stctx_set_time(VALUE self, VALUE time) { X509_STORE_CTX *store; long t; t = NUM2LONG(rb_Integer(time)); GetX509StCtx(self, store); X509_STORE_CTX_set_time(store, 0, t); return time; } |
#trust=(trust) ⇒ Object
766 767 768 769 770 771 772 773 774 775 776 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 766 static VALUE ossl_x509stctx_set_trust(VALUE self, VALUE trust) { X509_STORE_CTX *store; int t = NUM2INT(trust); GetX509StCtx(self, store); X509_STORE_CTX_set_trust(store, t); return trust; } |
#verify ⇒ Object
583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 |
# File 'ext/rubysl/openssl/ossl_x509store.c', line 583 static VALUE ossl_x509stctx_verify(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx); X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, (void *)rb_iv_get(self, "@verify_callback")); switch (X509_verify_cert(ctx)) { case 1: return Qtrue; case 0: ossl_clear_error(); return Qfalse; default: ossl_raise(eX509CertError, NULL); } } |