From fcbf63e62c627deae76c1b8cb8c0876c536ed811 Mon Sep 17 00:00:00 2001 From: Jari Vetoniemi Date: Mon, 16 Mar 2020 18:49:26 +0900 Subject: Fresh start --- jni/ruby/ext/openssl/ossl_x509req.c | 482 ++++++++++++++++++++++++++++++++++++ 1 file changed, 482 insertions(+) create mode 100644 jni/ruby/ext/openssl/ossl_x509req.c (limited to 'jni/ruby/ext/openssl/ossl_x509req.c') diff --git a/jni/ruby/ext/openssl/ossl_x509req.c b/jni/ruby/ext/openssl/ossl_x509req.c new file mode 100644 index 0000000..95458cb --- /dev/null +++ b/jni/ruby/ext/openssl/ossl_x509req.c @@ -0,0 +1,482 @@ +/* + * $Id: ossl_x509req.c 48815 2014-12-12 23:59:28Z nobu $ + * 'OpenSSL for Ruby' project + * Copyright (C) 2001-2002 Michal Rokos + * All rights reserved. + */ +/* + * This program is licenced under the same licence as Ruby. + * (See the file 'LICENCE'.) + */ +#include "ossl.h" + +#define WrapX509Req(klass, obj, req) do { \ + if (!(req)) { \ + ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \ + } \ + (obj) = TypedData_Wrap_Struct((klass), &ossl_x509req_type, (req)); \ +} while (0) +#define GetX509Req(obj, req) do { \ + TypedData_Get_Struct((obj), X509_REQ, &ossl_x509req_type, (req)); \ + if (!(req)) { \ + ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \ + } \ +} while (0) +#define SafeGetX509Req(obj, req) do { \ + OSSL_Check_Kind((obj), cX509Req); \ + GetX509Req((obj), (req)); \ +} while (0) + +/* + * Classes + */ +VALUE cX509Req; +VALUE eX509ReqError; + +static void +ossl_x509req_free(void *ptr) +{ + X509_REQ_free(ptr); +} + +static const rb_data_type_t ossl_x509req_type = { + "OpenSSL/X509/REQ", + { + 0, ossl_x509req_free, + }, + 0, 0, RUBY_TYPED_FREE_IMMEDIATELY, +}; + +/* + * Public functions + */ +VALUE +ossl_x509req_new(X509_REQ *req) +{ + X509_REQ *new; + VALUE obj; + + if (!req) { + new = X509_REQ_new(); + } else { + new = X509_REQ_dup(req); + } + if (!new) { + ossl_raise(eX509ReqError, NULL); + } + WrapX509Req(cX509Req, obj, new); + + return obj; +} + +X509_REQ * +GetX509ReqPtr(VALUE obj) +{ + X509_REQ *req; + + SafeGetX509Req(obj, req); + + return req; +} + +X509_REQ * +DupX509ReqPtr(VALUE obj) +{ + X509_REQ *req, *new; + + SafeGetX509Req(obj, req); + if (!(new = X509_REQ_dup(req))) { + ossl_raise(eX509ReqError, NULL); + } + + return new; +} + +/* + * Private functions + */ +static VALUE +ossl_x509req_alloc(VALUE klass) +{ + X509_REQ *req; + VALUE obj; + + if (!(req = X509_REQ_new())) { + ossl_raise(eX509ReqError, NULL); + } + WrapX509Req(klass, obj, req); + + return obj; +} + +static VALUE +ossl_x509req_initialize(int argc, VALUE *argv, VALUE self) +{ + BIO *in; + X509_REQ *req, *x = DATA_PTR(self); + VALUE arg; + + if (rb_scan_args(argc, argv, "01", &arg) == 0) { + return self; + } + arg = ossl_to_der_if_possible(arg); + in = ossl_obj2bio(arg); + req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL); + DATA_PTR(self) = x; + if (!req) { + OSSL_BIO_reset(in); + req = d2i_X509_REQ_bio(in, &x); + DATA_PTR(self) = x; + } + BIO_free(in); + if (!req) ossl_raise(eX509ReqError, NULL); + + return self; +} + +static VALUE +ossl_x509req_copy(VALUE self, VALUE other) +{ + X509_REQ *a, *b, *req; + + rb_check_frozen(self); + if (self == other) return self; + GetX509Req(self, a); + SafeGetX509Req(other, b); + if (!(req = X509_REQ_dup(b))) { + ossl_raise(eX509ReqError, NULL); + } + X509_REQ_free(a); + DATA_PTR(self) = req; + + return self; +} + +static VALUE +ossl_x509req_to_pem(VALUE self) +{ + X509_REQ *req; + BIO *out; + BUF_MEM *buf; + VALUE str; + + GetX509Req(self, req); + if (!(out = BIO_new(BIO_s_mem()))) { + ossl_raise(eX509ReqError, NULL); + } + if (!PEM_write_bio_X509_REQ(out, req)) { + BIO_free(out); + ossl_raise(eX509ReqError, NULL); + } + BIO_get_mem_ptr(out, &buf); + str = rb_str_new(buf->data, buf->length); + BIO_free(out); + + return str; +} + +static VALUE +ossl_x509req_to_der(VALUE self) +{ + X509_REQ *req; + VALUE str; + long len; + unsigned char *p; + + GetX509Req(self, req); + if ((len = i2d_X509_REQ(req, NULL)) <= 0) + ossl_raise(eX509ReqError, NULL); + str = rb_str_new(0, len); + p = (unsigned char *)RSTRING_PTR(str); + if (i2d_X509_REQ(req, &p) <= 0) + ossl_raise(eX509ReqError, NULL); + ossl_str_adjust(str, p); + + return str; +} + +static VALUE +ossl_x509req_to_text(VALUE self) +{ + X509_REQ *req; + BIO *out; + BUF_MEM *buf; + VALUE str; + + GetX509Req(self, req); + if (!(out = BIO_new(BIO_s_mem()))) { + ossl_raise(eX509ReqError, NULL); + } + if (!X509_REQ_print(out, req)) { + BIO_free(out); + ossl_raise(eX509ReqError, NULL); + } + BIO_get_mem_ptr(out, &buf); + str = rb_str_new(buf->data, buf->length); + BIO_free(out); + + return str; +} + +#if 0 +/* + * Makes X509 from X509_REQuest + */ +static VALUE +ossl_x509req_to_x509(VALUE self, VALUE days, VALUE key) +{ + X509_REQ *req; + X509 *x509; + + GetX509Req(self, req); + ... + if (!(x509 = X509_REQ_to_X509(req, d, pkey))) { + ossl_raise(eX509ReqError, NULL); + } + + return ossl_x509_new(x509); +} +#endif + +static VALUE +ossl_x509req_get_version(VALUE self) +{ + X509_REQ *req; + long version; + + GetX509Req(self, req); + version = X509_REQ_get_version(req); + + return LONG2FIX(version); +} + +static VALUE +ossl_x509req_set_version(VALUE self, VALUE version) +{ + X509_REQ *req; + long ver; + + if ((ver = FIX2LONG(version)) < 0) { + ossl_raise(eX509ReqError, "version must be >= 0!"); + } + GetX509Req(self, req); + if (!X509_REQ_set_version(req, ver)) { + ossl_raise(eX509ReqError, NULL); + } + + return version; +} + +static VALUE +ossl_x509req_get_subject(VALUE self) +{ + X509_REQ *req; + X509_NAME *name; + + GetX509Req(self, req); + if (!(name = X509_REQ_get_subject_name(req))) { /* NO DUP - don't free */ + ossl_raise(eX509ReqError, NULL); + } + + return ossl_x509name_new(name); +} + +static VALUE +ossl_x509req_set_subject(VALUE self, VALUE subject) +{ + X509_REQ *req; + + GetX509Req(self, req); + /* DUPs name */ + if (!X509_REQ_set_subject_name(req, GetX509NamePtr(subject))) { + ossl_raise(eX509ReqError, NULL); + } + + return subject; +} + +static VALUE +ossl_x509req_get_signature_algorithm(VALUE self) +{ + X509_REQ *req; + BIO *out; + BUF_MEM *buf; + VALUE str; + + GetX509Req(self, req); + + if (!(out = BIO_new(BIO_s_mem()))) { + ossl_raise(eX509ReqError, NULL); + } + if (!i2a_ASN1_OBJECT(out, req->sig_alg->algorithm)) { + BIO_free(out); + ossl_raise(eX509ReqError, NULL); + } + BIO_get_mem_ptr(out, &buf); + str = rb_str_new(buf->data, buf->length); + BIO_free(out); + return str; +} + +static VALUE +ossl_x509req_get_public_key(VALUE self) +{ + X509_REQ *req; + EVP_PKEY *pkey; + + GetX509Req(self, req); + if (!(pkey = X509_REQ_get_pubkey(req))) { /* adds reference */ + ossl_raise(eX509ReqError, NULL); + } + + return ossl_pkey_new(pkey); /* NO DUP - OK */ +} + +static VALUE +ossl_x509req_set_public_key(VALUE self, VALUE key) +{ + X509_REQ *req; + EVP_PKEY *pkey; + + GetX509Req(self, req); + pkey = GetPKeyPtr(key); /* NO NEED TO DUP */ + if (!X509_REQ_set_pubkey(req, pkey)) { + ossl_raise(eX509ReqError, NULL); + } + + return key; +} + +static VALUE +ossl_x509req_sign(VALUE self, VALUE key, VALUE digest) +{ + X509_REQ *req; + EVP_PKEY *pkey; + const EVP_MD *md; + + GetX509Req(self, req); + pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ + md = GetDigestPtr(digest); + if (!X509_REQ_sign(req, pkey, md)) { + ossl_raise(eX509ReqError, NULL); + } + + return self; +} + +/* + * Checks that cert signature is made with PRIVversion of this PUBLIC 'key' + */ +static VALUE +ossl_x509req_verify(VALUE self, VALUE key) +{ + X509_REQ *req; + EVP_PKEY *pkey; + int i; + + GetX509Req(self, req); + pkey = GetPKeyPtr(key); /* NO NEED TO DUP */ + if ((i = X509_REQ_verify(req, pkey)) < 0) { + ossl_raise(eX509ReqError, NULL); + } + if (i > 0) { + return Qtrue; + } + + return Qfalse; +} + +static VALUE +ossl_x509req_get_attributes(VALUE self) +{ + X509_REQ *req; + int count, i; + X509_ATTRIBUTE *attr; + VALUE ary; + + GetX509Req(self, req); + + count = X509_REQ_get_attr_count(req); + if (count < 0) { + OSSL_Debug("count < 0???"); + return rb_ary_new(); + } + ary = rb_ary_new2(count); + for (i=0; ireq_info->attributes, X509_ATTRIBUTE_free); + req->req_info->attributes = NULL; + for (i=0;i