Ruby 2.7.7p221 (2022-11-24 revision 168ec2b1e5ad0e4688e963d9de019557c78feed9)
ossl_x509name.c
Go to the documentation of this file.
1/*
2 * 'OpenSSL for Ruby' project
3 * Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz>
4 * All rights reserved.
5 */
6/*
7 * This program is licensed under the same licence as Ruby.
8 * (See the file 'LICENCE'.)
9 */
10#include "ossl.h"
11
12#define NewX509Name(klass) \
13 TypedData_Wrap_Struct((klass), &ossl_x509name_type, 0)
14#define SetX509Name(obj, name) do { \
15 if (!(name)) { \
16 ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
17 } \
18 RTYPEDDATA_DATA(obj) = (name); \
19} while (0)
20#define GetX509Name(obj, name) do { \
21 TypedData_Get_Struct((obj), X509_NAME, &ossl_x509name_type, (name)); \
22 if (!(name)) { \
23 ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
24 } \
25} while (0)
26
27#define OBJECT_TYPE_TEMPLATE \
28 rb_const_get(cX509Name, rb_intern("OBJECT_TYPE_TEMPLATE"))
29#define DEFAULT_OBJECT_TYPE \
30 rb_const_get(cX509Name, rb_intern("DEFAULT_OBJECT_TYPE"))
31
32/*
33 * Classes
34 */
37
38static void
39ossl_x509name_free(void *ptr)
40{
41 X509_NAME_free(ptr);
42}
43
44static const rb_data_type_t ossl_x509name_type = {
45 "OpenSSL/X509/NAME",
46 {
47 0, ossl_x509name_free,
48 },
50};
51
52/*
53 * Public
54 */
57{
58 X509_NAME *new;
59 VALUE obj;
60
62 if (!name) {
63 new = X509_NAME_new();
64 } else {
65 new = X509_NAME_dup(name);
66 }
67 if (!new) {
69 }
70 SetX509Name(obj, new);
71
72 return obj;
73}
74
75X509_NAME *
77{
78 X509_NAME *name;
79
81
82 return name;
83}
84
85/*
86 * Private
87 */
88static VALUE
89ossl_x509name_alloc(VALUE klass)
90{
91 X509_NAME *name;
92 VALUE obj;
93
95 if (!(name = X509_NAME_new())) {
97 }
99
100 return obj;
101}
102
103static ID id_aref;
104static VALUE ossl_x509name_add_entry(int, VALUE*, VALUE);
105#define rb_aref(obj, key) rb_funcall((obj), id_aref, 1, (key))
106
107static VALUE
108ossl_x509name_init_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, args))
109{
110 VALUE self = rb_ary_entry(args, 0);
111 VALUE template = rb_ary_entry(args, 1);
112 VALUE entry[3];
113
115 entry[0] = rb_ary_entry(i, 0);
116 entry[1] = rb_ary_entry(i, 1);
117 entry[2] = rb_ary_entry(i, 2);
118 if(NIL_P(entry[2])) entry[2] = rb_aref(template, entry[0]);
119 if(NIL_P(entry[2])) entry[2] = DEFAULT_OBJECT_TYPE;
120 ossl_x509name_add_entry(3, entry, self);
121
122 return Qnil;
123}
124
125/*
126 * call-seq:
127 * X509::Name.new => name
128 * X509::Name.new(der) => name
129 * X509::Name.new(distinguished_name) => name
130 * X509::Name.new(distinguished_name, template) => name
131 *
132 * Creates a new Name.
133 *
134 * A name may be created from a DER encoded string _der_, an Array
135 * representing a _distinguished_name_ or a _distinguished_name_ along with a
136 * _template_.
137 *
138 * name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
139 *
140 * name = OpenSSL::X509::Name.new name.to_der
141 *
142 * See add_entry for a description of the _distinguished_name_ Array's
143 * contents
144 */
145static VALUE
146ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
147{
148 X509_NAME *name;
149 VALUE arg, template;
150
151 GetX509Name(self, name);
152 if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
153 return self;
154 }
155 else {
157 if (!NIL_P(tmp)) {
158 VALUE args;
159 if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE;
160 args = rb_ary_new3(2, self, template);
161 rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
162 }
163 else{
164 const unsigned char *p;
166 X509_NAME *x;
168 p = (unsigned char *)RSTRING_PTR(str);
169 x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
170 DATA_PTR(self) = name;
171 if(!x){
173 }
174 }
175 }
176
177 return self;
178}
179
180static VALUE
181ossl_x509name_initialize_copy(VALUE self, VALUE other)
182{
183 X509_NAME *name, *name_other, *name_new;
184
185 rb_check_frozen(self);
186 GetX509Name(self, name);
187 GetX509Name(other, name_other);
188
189 name_new = X509_NAME_dup(name_other);
190 if (!name_new)
191 ossl_raise(eX509NameError, "X509_NAME_dup");
192
193 SetX509Name(self, name_new);
194 X509_NAME_free(name);
195
196 return self;
197}
198
199/*
200 * call-seq:
201 * name.add_entry(oid, value [, type], loc: -1, set: 0) => self
202 *
203 * Adds a new entry with the given _oid_ and _value_ to this name. The _oid_
204 * is an object identifier defined in ASN.1. Some common OIDs are:
205 *
206 * C:: Country Name
207 * CN:: Common Name
208 * DC:: Domain Component
209 * O:: Organization Name
210 * OU:: Organizational Unit Name
211 * ST:: State or Province Name
212 *
213 * The optional keyword parameters _loc_ and _set_ specify where to insert the
214 * new attribute. Refer to the manpage of X509_NAME_add_entry(3) for details.
215 * _loc_ defaults to -1 and _set_ defaults to 0. This appends a single-valued
216 * RDN to the end.
217 */
218static
219VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
220{
221 X509_NAME *name;
222 VALUE oid, value, type, opts, kwargs[2];
223 static ID kwargs_ids[2];
224 const char *oid_name;
225 int loc = -1, set = 0;
226
227 if (!kwargs_ids[0]) {
228 kwargs_ids[0] = rb_intern_const("loc");
229 kwargs_ids[1] = rb_intern_const("set");
230 }
231 rb_scan_args(argc, argv, "21:", &oid, &value, &type, &opts);
232 rb_get_kwargs(opts, kwargs_ids, 0, 2, kwargs);
233 oid_name = StringValueCStr(oid);
234 StringValue(value);
236 if (kwargs[0] != Qundef)
237 loc = NUM2INT(kwargs[0]);
238 if (kwargs[1] != Qundef)
239 set = NUM2INT(kwargs[1]);
240 GetX509Name(self, name);
241 if (!X509_NAME_add_entry_by_txt(name, oid_name, NUM2INT(type),
242 (unsigned char *)RSTRING_PTR(value),
243 RSTRING_LENINT(value), loc, set))
244 ossl_raise(eX509NameError, "X509_NAME_add_entry_by_txt");
245 return self;
246}
247
248static VALUE
249ossl_x509name_to_s_old(VALUE self)
250{
251 X509_NAME *name;
252 char *buf;
253
254 GetX509Name(self, name);
255 buf = X509_NAME_oneline(name, NULL, 0);
256 if (!buf)
257 ossl_raise(eX509NameError, "X509_NAME_oneline");
259}
260
261static VALUE
262x509name_print(VALUE self, unsigned long iflag)
263{
264 X509_NAME *name;
265 BIO *out;
266 int ret;
267
268 GetX509Name(self, name);
269 out = BIO_new(BIO_s_mem());
270 if (!out)
272 ret = X509_NAME_print_ex(out, name, 0, iflag);
273 if (ret < 0 || (iflag == XN_FLAG_COMPAT && ret == 0)) {
274 BIO_free(out);
275 ossl_raise(eX509NameError, "X509_NAME_print_ex");
276 }
277 return ossl_membio2str(out);
278}
279
280/*
281 * call-seq:
282 * name.to_s -> string
283 * name.to_s(format) -> string
284 *
285 * Returns a String representation of the Distinguished Name. _format_ is
286 * one of:
287 *
288 * * OpenSSL::X509::Name::COMPAT
289 * * OpenSSL::X509::Name::RFC2253
290 * * OpenSSL::X509::Name::ONELINE
291 * * OpenSSL::X509::Name::MULTILINE
292 *
293 * If _format_ is omitted, the largely broken and traditional OpenSSL format
294 * is used.
295 */
296static VALUE
297ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
298{
299 rb_check_arity(argc, 0, 1);
300 /* name.to_s(nil) was allowed */
301 if (!argc || NIL_P(argv[0]))
302 return ossl_x509name_to_s_old(self);
303 else
304 return x509name_print(self, NUM2ULONG(argv[0]));
305}
306
307/*
308 * call-seq:
309 * name.to_utf8 -> string
310 *
311 * Returns an UTF-8 representation of the distinguished name, as specified
312 * in {RFC 2253}[https://www.ietf.org/rfc/rfc2253.txt].
313 */
314static VALUE
315ossl_x509name_to_utf8(VALUE self)
316{
317 VALUE str = x509name_print(self, XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
319 return str;
320}
321
322/* :nodoc: */
323static VALUE
324ossl_x509name_inspect(VALUE self)
325{
327 rb_obj_class(self), ossl_x509name_to_utf8(self));
328}
329
330/*
331 * call-seq:
332 * name.to_a => [[name, data, type], ...]
333 *
334 * Returns an Array representation of the distinguished name suitable for
335 * passing to ::new
336 */
337static VALUE
338ossl_x509name_to_a(VALUE self)
339{
340 X509_NAME *name;
341 X509_NAME_ENTRY *entry;
342 int i,entries,nid;
343 char long_name[512];
344 const char *short_name;
345 VALUE ary, vname, ret;
346 ASN1_STRING *value;
347
348 GetX509Name(self, name);
349 entries = X509_NAME_entry_count(name);
350 if (entries < 0) {
351 OSSL_Debug("name entries < 0!");
352 return rb_ary_new();
353 }
354 ret = rb_ary_new2(entries);
355 for (i=0; i<entries; i++) {
356 if (!(entry = X509_NAME_get_entry(name, i))) {
358 }
359 if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
360 X509_NAME_ENTRY_get_object(entry))) {
362 }
363 nid = OBJ_ln2nid(long_name);
364 if (nid == NID_undef) {
365 vname = rb_str_new2((const char *) &long_name);
366 } else {
367 short_name = OBJ_nid2sn(nid);
368 vname = rb_str_new2(short_name); /*do not free*/
369 }
370 value = X509_NAME_ENTRY_get_data(entry);
371 ary = rb_ary_new3(3, vname, asn1str_to_str(value), INT2NUM(value->type));
372 rb_ary_push(ret, ary);
373 }
374 return ret;
375}
376
377static int
378ossl_x509name_cmp0(VALUE self, VALUE other)
379{
380 X509_NAME *name1, *name2;
381
382 GetX509Name(self, name1);
383 GetX509Name(other, name2);
384
385 return X509_NAME_cmp(name1, name2);
386}
387
388/*
389 * call-seq:
390 * name.cmp(other) -> -1 | 0 | 1
391 * name <=> other -> -1 | 0 | 1
392 *
393 * Compares this Name with _other_ and returns +0+ if they are the same and +-1+
394 * or ++1+ if they are greater or less than each other respectively.
395 */
396static VALUE
397ossl_x509name_cmp(VALUE self, VALUE other)
398{
399 int result;
400
401 result = ossl_x509name_cmp0(self, other);
402 if (result < 0) return INT2FIX(-1);
403 if (result > 0) return INT2FIX(1);
404
405 return INT2FIX(0);
406}
407
408/*
409 * call-seq:
410 * name.eql?(other) -> true | false
411 *
412 * Returns true if _name_ and _other_ refer to the same hash key.
413 */
414static VALUE
415ossl_x509name_eql(VALUE self, VALUE other)
416{
417 if (!rb_obj_is_kind_of(other, cX509Name))
418 return Qfalse;
419
420 return ossl_x509name_cmp0(self, other) == 0 ? Qtrue : Qfalse;
421}
422
423/*
424 * call-seq:
425 * name.hash => integer
426 *
427 * The hash value returned is suitable for use as a certificate's filename in
428 * a CA path.
429 */
430static VALUE
431ossl_x509name_hash(VALUE self)
432{
433 X509_NAME *name;
434 unsigned long hash;
435
436 GetX509Name(self, name);
437
438 hash = X509_NAME_hash(name);
439
440 return ULONG2NUM(hash);
441}
442
443/*
444 * call-seq:
445 * name.hash_old => integer
446 *
447 * Returns an MD5 based hash used in OpenSSL 0.9.X.
448 */
449static VALUE
450ossl_x509name_hash_old(VALUE self)
451{
452 X509_NAME *name;
453 unsigned long hash;
454
455 GetX509Name(self, name);
456
457 hash = X509_NAME_hash_old(name);
458
459 return ULONG2NUM(hash);
460}
461
462/*
463 * call-seq:
464 * name.to_der => string
465 *
466 * Converts the name to DER encoding
467 */
468static VALUE
469ossl_x509name_to_der(VALUE self)
470{
471 X509_NAME *name;
472 VALUE str;
473 long len;
474 unsigned char *p;
475
476 GetX509Name(self, name);
477 if((len = i2d_X509_NAME(name, NULL)) <= 0)
479 str = rb_str_new(0, len);
480 p = (unsigned char *)RSTRING_PTR(str);
481 if(i2d_X509_NAME(name, &p) <= 0)
484
485 return str;
486}
487
488/*
489 * Document-class: OpenSSL::X509::Name
490 *
491 * An X.509 name represents a hostname, email address or other entity
492 * associated with a public key.
493 *
494 * You can create a Name by parsing a distinguished name String or by
495 * supplying the distinguished name as an Array.
496 *
497 * name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
498 *
499 * name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
500 */
501
502void
504{
505#undef rb_intern
506 VALUE utf8str, ptrstr, ia5str, hash;
507
508#if 0
509 mOSSL = rb_define_module("OpenSSL");
512#endif
513
514 id_aref = rb_intern("[]");
517
519
520 rb_define_alloc_func(cX509Name, ossl_x509name_alloc);
521 rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1);
522 rb_define_method(cX509Name, "initialize_copy", ossl_x509name_initialize_copy, 1);
523 rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1);
524 rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, -1);
525 rb_define_method(cX509Name, "to_utf8", ossl_x509name_to_utf8, 0);
526 rb_define_method(cX509Name, "inspect", ossl_x509name_inspect, 0);
527 rb_define_method(cX509Name, "to_a", ossl_x509name_to_a, 0);
528 rb_define_method(cX509Name, "cmp", ossl_x509name_cmp, 1);
529 rb_define_alias(cX509Name, "<=>", "cmp");
530 rb_define_method(cX509Name, "eql?", ossl_x509name_eql, 1);
531 rb_define_method(cX509Name, "hash", ossl_x509name_hash, 0);
532 rb_define_method(cX509Name, "hash_old", ossl_x509name_hash_old, 0);
533 rb_define_method(cX509Name, "to_der", ossl_x509name_to_der, 0);
534
535 utf8str = INT2NUM(V_ASN1_UTF8STRING);
536 ptrstr = INT2NUM(V_ASN1_PRINTABLESTRING);
537 ia5str = INT2NUM(V_ASN1_IA5STRING);
538
539 /*
540 * The default object type for name entries.
541 */
542 rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str);
543 hash = rb_hash_new();
544 RHASH_SET_IFNONE(hash, utf8str);
545 rb_hash_aset(hash, rb_str_new2("C"), ptrstr);
546 rb_hash_aset(hash, rb_str_new2("countryName"), ptrstr);
547 rb_hash_aset(hash, rb_str_new2("serialNumber"), ptrstr);
548 rb_hash_aset(hash, rb_str_new2("dnQualifier"), ptrstr);
549 rb_hash_aset(hash, rb_str_new2("DC"), ia5str);
550 rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
551 rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
552
553 /*
554 * The default object type template for name entries.
555 */
556 rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash);
557
558 /*
559 * A flag for #to_s.
560 *
561 * Breaks the name returned into multiple lines if longer than 80
562 * characters.
563 */
564 rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT));
565
566 /*
567 * A flag for #to_s.
568 *
569 * Returns an RFC2253 format name.
570 */
571 rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253));
572
573 /*
574 * A flag for #to_s.
575 *
576 * Returns a more readable format than RFC2253.
577 */
578 rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE));
579
580 /*
581 * A flag for #to_s.
582 *
583 * Returns a multiline format.
584 */
585 rb_define_const(cX509Name, "MULTILINE", ULONG2NUM(XN_FLAG_MULTILINE));
586}
struct RIMemo * ptr
Definition: debug.c:65
rb_encoding * rb_utf8_encoding(void)
Definition: encoding.c:1328
int rb_utf8_encindex(void)
Definition: encoding.c:1334
VALUE rb_enc_associate_index(VALUE obj, int idx)
Definition: encoding.c:838
char str[HTML_ESCAPE_MAX_LEN+1]
Definition: escape.c:18
ID id_aref
Definition: eventids1.c:6
void rb_include_module(VALUE, VALUE)
Definition: class.c:882
VALUE rb_define_class_under(VALUE, const char *, VALUE)
Defines a class under the namespace of outer.
Definition: class.c:711
VALUE rb_define_module(const char *)
Definition: class.c:785
VALUE rb_define_module_under(VALUE, const char *)
Definition: class.c:810
void rb_define_alias(VALUE, const char *, const char *)
Defines an alias of a method.
Definition: class.c:1818
int rb_get_kwargs(VALUE keyword_hash, const ID *table, int required, int optional, VALUE *)
Definition: class.c:1904
VALUE rb_cObject
Object class.
Definition: ruby.h:2012
VALUE rb_mComparable
Definition: compar.c:16
VALUE rb_eStandardError
Definition: error.c:921
VALUE rb_obj_class(VALUE)
Equivalent to Object#class in Ruby.
Definition: object.c:217
VALUE rb_obj_is_kind_of(VALUE, VALUE)
Determines if obj is a kind of c.
Definition: object.c:692
VALUE type(ANYARGS)
ANYARGS-ed function type.
Definition: cxxanyargs.hpp:39
const char * name
Definition: nkf.c:208
int nid
VALUE mOSSL
Definition: ossl.c:231
VALUE ossl_buf2str(char *buf, int len)
Definition: ossl.c:120
VALUE ossl_to_der_if_possible(VALUE obj)
Definition: ossl.c:255
void ossl_raise(VALUE exc, const char *fmt,...)
Definition: ossl.c:293
VALUE eOSSLError
Definition: ossl.c:236
#define ossl_str_adjust(str, p)
Definition: ossl.h:87
#define OSSL_Debug
Definition: ossl.h:149
VALUE asn1str_to_str(const ASN1_STRING *str)
Definition: ossl_asn1.c:92
VALUE ossl_membio2str(BIO *bio)
Definition: ossl_bio.c:29
VALUE mX509
Definition: ossl_x509.c:12
VALUE eX509NameError
Definition: ossl_x509name.c:36
VALUE cX509Name
Definition: ossl_x509name.c:35
X509_NAME * GetX509NamePtr(VALUE obj)
Definition: ossl_x509name.c:76
#define OBJECT_TYPE_TEMPLATE
Definition: ossl_x509name.c:27
#define SetX509Name(obj, name)
Definition: ossl_x509name.c:14
void Init_ossl_x509name(void)
VALUE ossl_x509name_new(X509_NAME *name)
Definition: ossl_x509name.c:56
#define GetX509Name(obj, name)
Definition: ossl_x509name.c:20
#define NewX509Name(klass)
Definition: ossl_x509name.c:12
#define DEFAULT_OBJECT_TYPE
Definition: ossl_x509name.c:29
#define rb_aref(obj, key)
#define RB_BLOCK_CALL_FUNC_ARGLIST(yielded_arg, callback_arg)
#define rb_str_new2
#define NULL
use StringValue() instead")))
#define RSTRING_LEN(str)
#define RHASH_SET_IFNONE(h, ifnone)
#define NUM2ULONG(x)
size_t strlen(const char *)
#define Qundef
const VALUE VALUE obj
#define rb_check_frozen(obj)
#define RSTRING_PTR(str)
#define rb_str_new(str, len)
#define NIL_P(v)
#define RSTRING_LENINT(str)
#define rb_intern_const(str)
unsigned long VALUE
VALUE rb_ary_push(VALUE, VALUE)
Definition: array.c:1195
void rb_define_alloc_func(VALUE, rb_alloc_func_t)
uint32_t i
__inline__ const void *__restrict__ size_t len
#define INT2NUM(x)
void rb_define_const(VALUE, const char *, VALUE)
Definition: variable.c:2891
#define NUM2INT(x)
#define rb_long2int(n)
#define RUBY_TYPED_FREE_IMMEDIATELY
#define PRIsVALUE
#define rb_ary_new3
VALUE rb_ary_new(void)
Definition: array.c:723
#define rb_scan_args(argc, argvp, fmt,...)
#define rb_intern(str)
#define Qtrue
struct rb_call_cache buf
#define Qnil
#define Qfalse
#define DATA_PTR(dta)
#define T_ARRAY
#define ULONG2NUM(x)
#define INT2FIX(i)
VALUE rb_check_array_type(VALUE)
Definition: array.c:909
const VALUE * argv
#define Check_Type(v, t)
VALUE rb_hash_aset(VALUE, VALUE, VALUE)
Definition: hash.c:2852
VALUE rb_block_call(VALUE, ID, int, const VALUE *, rb_block_call_func_t, VALUE)
Definition: vm_eval.c:1470
#define rb_check_arity
unsigned long ID
void rb_define_method(VALUE, const char *, VALUE(*)(), int)
#define rb_ary_new2
VALUE rb_hash_new(void)
Definition: hash.c:1523
struct iseq_catch_table_entry entries[]
VALUE rb_ary_entry(VALUE, long)
Definition: array.c:1512
#define StringValueCStr(v)
VALUE rb_enc_sprintf(rb_encoding *enc, const char *format,...)
Definition: sprintf.c:1178