In Files
- openssl/lib/openssl/x509.rb
- openssl/ossl_ssl_session.c
Parent
Object
Namespace
Methods
Included Modules
- Comparable
Class/Module Index
![[+]](../../images/find.png "show/hide quicksearch")
- Integer
- OpenSSL
- OpenSSL::ASN1
- OpenSSL::ASN1::ASN1Data
- OpenSSL::ASN1::ASN1Error
- OpenSSL::ASN1::Constructive
- OpenSSL::ASN1::ObjectId
- OpenSSL::ASN1::Primitive
- OpenSSL::BN
- OpenSSL::BNError
- OpenSSL::Buffering
- OpenSSL::Cipher
- OpenSSL::Cipher::Cipher
- OpenSSL::Cipher::CipherError
- OpenSSL::Config
- OpenSSL::ConfigError
- OpenSSL::Digest
- OpenSSL::Digest::Digest
- OpenSSL::Digest::DigestError
- OpenSSL::Engine
- OpenSSL::Engine::EngineError
- OpenSSL::HMAC
- OpenSSL::HMACError
- OpenSSL::Netscape
- OpenSSL::Netscape::SPKI
- OpenSSL::Netscape::SPKIError
- OpenSSL::OCSP
- OpenSSL::OCSP::BasicResponse
- OpenSSL::OCSP::CertificateId
- OpenSSL::OCSP::OCSPError
- OpenSSL::OCSP::Request
- OpenSSL::OCSP::Response
- OpenSSL::OpenSSLError
- OpenSSL::PKCS12
- OpenSSL::PKCS12::PKCS12Error
- OpenSSL::PKCS5
- OpenSSL::PKCS5::PKCS5Error
- OpenSSL::PKCS7
- OpenSSL::PKCS7::PKCS7Error
- OpenSSL::PKCS7::RecipientInfo
- OpenSSL::PKCS7::SignerInfo
- OpenSSL::PKey
- OpenSSL::PKey::DH
- OpenSSL::PKey::DHError
- OpenSSL::PKey::DSA
- OpenSSL::PKey::DSAError
- OpenSSL::PKey::EC
- OpenSSL::PKey::EC::Group
- OpenSSL::PKey::EC::Group::Error
- OpenSSL::PKey::EC::Point
- OpenSSL::PKey::EC::Point::Error
- OpenSSL::PKey::ECError
- OpenSSL::PKey::PKey
- OpenSSL::PKey::PKeyError
- OpenSSL::PKey::RSA
- OpenSSL::PKey::RSAError
- OpenSSL::Random
- OpenSSL::Random::RandomError
- OpenSSL::SSL
- OpenSSL::SSL::Nonblock
- OpenSSL::SSL::SSLContext
- OpenSSL::SSL::SSLError
- OpenSSL::SSL::SSLErrorWaitReadable
- OpenSSL::SSL::SSLErrorWaitWritable
- OpenSSL::SSL::SSLServer
- OpenSSL::SSL::SSLSocket
- OpenSSL::SSL::Session
- OpenSSL::SSL::Session::SessionError
- OpenSSL::SSL::SocketForwarder
- OpenSSL::X509
- OpenSSL::X509::Attribute
- OpenSSL::X509::AttributeError
- OpenSSL::X509::CRL
- OpenSSL::X509::CRLError
- OpenSSL::X509::Certificate
- OpenSSL::X509::CertificateError
- OpenSSL::X509::Extension
- OpenSSL::X509::ExtensionError
- OpenSSL::X509::ExtensionFactory
- OpenSSL::X509::Name
- OpenSSL::X509::Name::RFC2253DN
- OpenSSL::X509::NameError
- OpenSSL::X509::Request
- OpenSSL::X509::RequestError
- OpenSSL::X509::Revoked
- OpenSSL::X509::RevokedError
- OpenSSL::X509::Store
- OpenSSL::X509::StoreContext
- OpenSSL::X509::StoreError
- unknown
OpenSSL::X509::Name
An X.509 name represents a hostname, email address or other entity associated with a public key.
You can create a Name by parsing a distinguished name String or by supplying the distinguished name as an Array.
name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example' name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]
Constants
- COMPAT
-
A flag for to_s.
Breaks the name returned into multiple lines if longer than 80 characters.
- DEFAULT_OBJECT_TYPE
-
The default object type for name entries.
- MULTILINE
-
A flag for to_s.
Returns a multiline format.
- OBJECT_TYPE_TEMPLATE
-
The default object type template for name entries.
- ONELINE
-
A flag for to_s.
Returns a more readable format than RFC2253.
- RFC2253
-
A flag for to_s.
Returns an RFC2253 format name.
Public Class Methods
Creates a new Name.
A name may be created from a DER encoded string der, an Array
representing a distinguished_name or a
distinguished_name along with a template.
name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']] name = OpenSSL::X509::Name.new name.to_der
See #add_entry for a description
of the distinguished_name Array’s contents
static VALUE
ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
{
X509_NAME *name;
VALUE arg, template;
GetX509Name(self, name);
if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
return self;
}
else {
VALUE tmp = rb_check_array_type(arg);
if (!NIL_P(tmp)) {
VALUE args;
if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE;
args = rb_ary_new3(2, self, template);
rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
}
else{
const unsigned char *p;
VALUE str = ossl_to_der_if_possible(arg);
X509_NAME *x;
StringValue(str);
p = (unsigned char *)RSTRING_PTR(str);
x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
DATA_PTR(self) = name;
if(!x){
ossl_raise(eX509NameError, NULL);
}
}
}
return self;
}
# File openssl/lib/openssl/x509.rb, line 147
def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
self.new(ary, template)
end
Public Instance Methods
Adds a new entry with the given oid and value to
this name. The oid is an object identifier defined in ASN.1.
Some common OIDs are:
- C
-
Country Name
- CN
-
Common Name
- DC
-
Domain Component
- O
-
Organization Name
- OU
-
Organizational Unit Name
- ST
-
State or Province Name
static
VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
{
X509_NAME *name;
VALUE oid, value, type;
rb_scan_args(argc, argv, "21", &oid, &value, &type);
StringValue(oid);
StringValue(value);
if(NIL_P(type)) type = rb_aref(OBJECT_TYPE_TEMPLATE, oid);
GetX509Name(self, name);
if (!X509_NAME_add_entry_by_txt(name, RSTRING_PTR(oid), NUM2INT(type),
(const unsigned char *)RSTRING_PTR(value), RSTRING_LENINT(value), -1, 0)) {
ossl_raise(eX509NameError, NULL);
}
return self;
}
Compares this Name with other and
returns 0 if they are the same and -1 or +1 if they are greater or less
than each other respectively.
static VALUE
ossl_x509name_cmp(VALUE self, VALUE other)
{
int result;
result = ossl_x509name_cmp0(self, other);
if (result < 0) return INT2FIX(-1);
if (result > 1) return INT2FIX(1);
return INT2FIX(0);
}
Returns true if name and other refer to the same
hash key.
static VALUE
ossl_x509name_eql(VALUE self, VALUE other)
{
int result;
if(CLASS_OF(other) != cX509Name) return Qfalse;
result = ossl_x509name_cmp0(self, other);
return (result == 0) ? Qtrue : Qfalse;
}
The hash value returned is suitable for use as a certificate’s filename in a CA path.
static VALUE
ossl_x509name_hash(VALUE self)
{
X509_NAME *name;
unsigned long hash;
GetX509Name(self, name);
hash = X509_NAME_hash(name);
return ULONG2NUM(hash);
}
Returns an MD5 based hash used in OpenSSL 0.9.X.
static VALUE
ossl_x509name_hash_old(VALUE self)
{
X509_NAME *name;
unsigned long hash;
GetX509Name(self, name);
hash = X509_NAME_hash_old(name);
return ULONG2NUM(hash);
}
Returns an Array representation of the distinguished name suitable for passing to ::new
static VALUE
ossl_x509name_to_a(VALUE self)
{
X509_NAME *name;
X509_NAME_ENTRY *entry;
int i,entries,nid;
char long_name[512];
const char *short_name;
VALUE ary, vname, ret;
GetX509Name(self, name);
entries = X509_NAME_entry_count(name);
if (entries < 0) {
OSSL_Debug("name entries < 0!");
return rb_ary_new();
}
ret = rb_ary_new2(entries);
for (i=0; i<entries; i++) {
if (!(entry = X509_NAME_get_entry(name, i))) {
ossl_raise(eX509NameError, NULL);
}
if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) {
ossl_raise(eX509NameError, NULL);
}
nid = OBJ_ln2nid(long_name);
if (nid == NID_undef) {
vname = rb_str_new2((const char *) &long_name);
} else {
short_name = OBJ_nid2sn(nid);
vname = rb_str_new2(short_name); /*do not free*/
}
ary = rb_ary_new3(3,
vname,
rb_str_new((const char *)entry->value->data, entry->value->length),
INT2FIX(entry->value->type));
rb_ary_push(ret, ary);
}
return ret;
}
Converts the name to DER encoding
static VALUE
ossl_x509name_to_der(VALUE self)
{
X509_NAME *name;
VALUE str;
long len;
unsigned char *p;
GetX509Name(self, name);
if((len = i2d_X509_NAME(name, NULL)) <= 0)
ossl_raise(eX509NameError, NULL);
str = rb_str_new(0, len);
p = (unsigned char *)RSTRING_PTR(str);
if(i2d_X509_NAME(name, &p) <= 0)
ossl_raise(eX509NameError, NULL);
ossl_str_adjust(str, p);
return str;
}
Returns this name as a Distinguished Name string.
flags may be one of:
-
OpenSSL::X509::Name::COMPAT
-
OpenSSL::X509::Name::RFC2253
-
OpenSSL::X509::Name::ONELINE
-
OpenSSL::X509::Name::MULTILINE
static VALUE
ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
{
X509_NAME *name;
VALUE flag, str;
BIO *out;
unsigned long iflag;
rb_scan_args(argc, argv, "01", &flag);
if (NIL_P(flag))
return ossl_x509name_to_s_old(self);
else iflag = NUM2ULONG(flag);
if (!(out = BIO_new(BIO_s_mem())))
ossl_raise(eX509NameError, NULL);
GetX509Name(self, name);
if (!X509_NAME_print_ex(out, name, 0, iflag)){
BIO_free(out);
ossl_raise(eX509NameError, NULL);
}
str = ossl_membio2str(out);
return str;
}
Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.
If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.
If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.
If you want to help improve the Ruby documentation, please see Improve the docs, or visit Documenting-ruby.org.