OpenSSL::X509::StoreContext
class OpenSSL::X509::StoreContext
父类:Object
StoreContext用于验证单个证书并保存涉及的状态。
公共类方法
新(商店,证书=零,链=零)显示源
static VALUE
ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE store, cert, chain, t;
X509_STORE_CTX *ctx;
X509_STORE *x509st;
X509 *x509 = NULL;
STACK_OF(X509) *x509s = NULL;
rb_scan_args(argc, argv, "12", &store, &cert, &chain
GetX509StCtx(self, ctx
SafeGetX509Store(store, x509st
if(!NIL_P(cert)) x509 = DupX509CertPtr(cert /* NEED TO DUP */
if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain
if(X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){
sk_X509_pop_free(x509s, X509_free
ossl_raise(eX509StoreError, NULL
}
if (!NIL_P(t = rb_iv_get(store, "@time")))
ossl_x509stctx_set_time(self, t
rb_iv_set(self, "@verify_callback", rb_iv_get(store, "@verify_callback")
rb_iv_set(self, "@cert", cert
return self;
}
公共实例方法
链→X509 ::证书显示源数组
static VALUE
ossl_x509stctx_get_chain(VALUE self)
{
X509_STORE_CTX *ctx;
STACK_OF(X509) *chain;
X509 *x509;
int i, num;
VALUE ary;
GetX509StCtx(self, ctx
if((chain = X509_STORE_CTX_get0_chain(ctx)) == NULL){
return Qnil;
}
if((num = sk_X509_num(chain)) < 0){
OSSL_Debug("certs in chain < 0???"
return rb_ary_new(
}
ary = rb_ary_new2(num
for(i = 0; i < num; i++) {
x509 = sk_X509_value(chain, i
rb_ary_push(ary, ossl_x509_new(x509)
}
return ary;
}
清理()显示源
# File ext/openssl/lib/openssl/x509.rb, line 157
def cleanup
warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE
end
current_cert→X509 ::证书显示源
static VALUE
ossl_x509stctx_get_curr_cert(VALUE self)
{
X509_STORE_CTX *ctx;
GetX509StCtx(self, ctx
return ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx)
}
current_crl→X509 :: CRL显示源
static VALUE
ossl_x509stctx_get_curr_crl(VALUE self)
{
X509_STORE_CTX *ctx;
X509_CRL *crl;
GetX509StCtx(self, ctx
crl = X509_STORE_CTX_get0_current_crl(ctx
if (!crl)
return Qnil;
return ossl_x509crl_new(crl
}
错误→整数显示源
static VALUE
ossl_x509stctx_get_err(VALUE self)
{
X509_STORE_CTX *ctx;
GetX509StCtx(self, ctx
return INT2NUM(X509_STORE_CTX_get_error(ctx)
}
错误= error_code显示源
static VALUE
ossl_x509stctx_set_error(VALUE self, VALUE err)
{
X509_STORE_CTX *ctx;
GetX509StCtx(self, ctx
X509_STORE_CTX_set_error(ctx, NUM2INT(err)
return err;
}
error_depth→整数显示来源
static VALUE
ossl_x509stctx_get_err_depth(VALUE self)
{
X509_STORE_CTX *ctx;
GetX509StCtx(self, ctx
return INT2NUM(X509_STORE_CTX_get_error_depth(ctx)
}
error_string→String显示源文件
返回与由错误检索到的错误代码相对应的错误字符串。
static VALUE
ossl_x509stctx_get_err_string(VALUE self)
{
X509_STORE_CTX *ctx;
long err;
GetX509StCtx(self, ctx
err = X509_STORE_CTX_get_error(ctx
return rb_str_new2(X509_verify_cert_error_string(err)
}
flags = flags显示源文件
将验证标志设置为上下文。请参阅OpenSSL :: X509 :: Store#flags =。
static VALUE
ossl_x509stctx_set_flags(VALUE self, VALUE flags)
{
X509_STORE_CTX *store;
long f = NUM2LONG(flags
GetX509StCtx(self, store
X509_STORE_CTX_set_flags(store, f
return flags;
}
目的=目的显示源
设置上下文的目的。请参阅OpenSSL :: X509 :: Store#purpose =。
static VALUE
ossl_x509stctx_set_purpose(VALUE self, VALUE purpose)
{
X509_STORE_CTX *store;
int p = NUM2INT(purpose
GetX509StCtx(self, store
X509_STORE_CTX_set_purpose(store, p
return purpose;
}
时间=时间显示来源
设置验证中使用的时间。如果未设置,则使用当前时间。
static VALUE
ossl_x509stctx_set_time(VALUE self, VALUE time)
{
X509_STORE_CTX *store;
long t;
t = NUM2LONG(rb_Integer(time)
GetX509StCtx(self, store
X509_STORE_CTX_set_time(store, 0, t
return time;
}
信任=信任显示源
static VALUE
ossl_x509stctx_set_trust(VALUE self, VALUE trust)
{
X509_STORE_CTX *store;
int t = NUM2INT(trust
GetX509StCtx(self, store
X509_STORE_CTX_set_trust(store, t
return trust;
}
验证→true | 假显示源
static VALUE
ossl_x509stctx_verify(VALUE self)
{
X509_STORE_CTX *ctx;
GetX509StCtx(self, ctx
X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx,
(void *)rb_iv_get(self, "@verify_callback")
switch (X509_verify_cert(ctx)) {
case 1:
return Qtrue;
case 0:
ossl_clear_error(
return Qfalse;
default:
ossl_raise(eX509CertError, NULL
}
}
