Ruby 2.4
OpenSSL

OpenSSL::OCSP::CertificateId

类 OpenSSL :: OCSP :: CertificateId

家长:对象

OpenSSL :: OCSP :: CertificateId 向 CA 标识证书,以便执行状态检查。

公共类方法

OpenSSL :: OCSP :: CertificateId.new(subject,issuer,digest = nil)→certificate_id 显示源代码

OpenSSL::OCSP::CertificateId.new(der_string) → certificate_id

创建一个新的 OpenSSL :: OCSP :: CertificateId 对于给定的subjectissuerX509 证书。在digest被用于计算证书ID和必须是 OpenSSL 的::文摘实例。

如果只给出一个参数,则将其解码为证书 ID 的 DER 表示。

static VALUE ossl_ocspcid_initialize(int argc, VALUE *argv, VALUE self) { OCSP_CERTID *id, *newid; VALUE subject, issuer, digest; GetOCSPCertId(self, id if (rb_scan_args(argc, argv, "12", &subject, &issuer, &digest) == 1) { VALUE arg; const unsigned char *p; arg = ossl_to_der_if_possible(subject StringValue(arg p = (unsigned char *)RSTRING_PTR(arg newid = d2i_OCSP_CERTID(NULL, &p, RSTRING_LEN(arg) if (!newid) ossl_raise(eOCSPError, "d2i_OCSP_CERTID" } else { X509 *x509s, *x509i; const EVP_MD *md; x509s = GetX509CertPtr(subject /* NO NEED TO DUP */ x509i = GetX509CertPtr(issuer /* NO NEED TO DUP */ md = !NIL_P(digest) ? GetDigestPtr(digest) : NULL; newid = OCSP_cert_to_id(md, x509s, x509i if (!newid) ossl_raise(eOCSPError, "OCSP_cert_to_id" } SetOCSPCertId(self, newid OCSP_CERTID_free(id return self; }

公共实例方法

cmp(其他)→true 或 false 显示源

如果它们相同,则将此证书 ID 与其other进行比较并返回true。

static VALUE ossl_ocspcid_cmp(VALUE self, VALUE other) { OCSP_CERTID *id, *id2; int result; GetOCSPCertId(self, id SafeGetOCSPCertId(other, id2 result = OCSP_id_cmp(id, id2 return (result == 0) ? Qtrue : Qfalse; }

cmp_issuer(其他)→true 或 false 显示来源

如果它们相同,则将此证书ID的颁发者与其other如果它们相同,则将此证书ID的颁发者与其相比较并返回 true。

static VALUE ossl_ocspcid_cmp_issuer(VALUE self, VALUE other) { OCSP_CERTID *id, *id2; int result; GetOCSPCertId(self, id SafeGetOCSPCertId(other, id2 result = OCSP_id_issuer_cmp(id, id2 return (result == 0) ? Qtrue : Qfalse; }

hash_algorithm→String 显示源

返回用于生成 issuerNameHash 和 issuerKeyHash 值的散列算法的 ln(长名称)。

static VALUE ossl_ocspcid_get_hash_algorithm(VALUE self) { OCSP_CERTID *id; ASN1_OBJECT *oid; BIO *out; GetOCSPCertId(self, id OCSP_id_get0_info(NULL, &oid, NULL, NULL, id if (!(out = BIO_new(BIO_s_mem()))) ossl_raise(eOCSPError, "BIO_new" if (!i2a_ASN1_OBJECT(out, oid)) { BIO_free(out ossl_raise(eOCSPError, "i2a_ASN1_OBJECT" } return ossl_membio2str(out }

issuer_key_hash→字符串显示源

返回此证书 ID 的 issuerKeyHash,即发行者公钥的哈希。

static VALUE ossl_ocspcid_get_issuer_key_hash(VALUE self) { OCSP_CERTID *id; ASN1_OCTET_STRING *key_hash; VALUE ret; GetOCSPCertId(self, id OCSP_id_get0_info(NULL, NULL, &key_hash, NULL, id ret = rb_str_new(NULL, key_hash->length * 2 ossl_bin2hex(key_hash->data, RSTRING_PTR(ret), key_hash->length return ret; }

issuer_name_hash→字符串显示源

返回此证书 ID 的 issuerNameHash,这是使用 hashAlgorithm 计算的颁发者专有名称的哈希。

static VALUE ossl_ocspcid_get_issuer_name_hash(VALUE self) { OCSP_CERTID *id; ASN1_OCTET_STRING *name_hash; VALUE ret; GetOCSPCertId(self, id OCSP_id_get0_info(&name_hash, NULL, NULL, NULL, id ret = rb_str_new(NULL, name_hash->length * 2 ossl_bin2hex(name_hash->data, RSTRING_PTR(ret), name_hash->length return ret; }

serial → Integer(串行→整数)显示源

返回正在请求状态的证书的序列号。

static VALUE ossl_ocspcid_get_serial(VALUE self) { OCSP_CERTID *id; ASN1_INTEGER *serial; GetOCSPCertId(self, id OCSP_id_get0_info(NULL, NULL, NULL, &serial, id return asn1integer_to_num(serial }

to_der→ String 显示源

将此证书标识符编码为 DER 编码的字符串。

static VALUE ossl_ocspcid_to_der(VALUE self) { OCSP_CERTID *id; VALUE str; long len; unsigned char *p; GetOCSPCertId(self, id if ((len = i2d_OCSP_CERTID(id, NULL)) <= 0) ossl_raise(eOCSPError, NULL str = rb_str_new(0, len p = (unsigned char *)RSTRING_PTR(str if (i2d_OCSP_CERTID(id, &p) <= 0) ossl_raise(eOCSPError, NULL ossl_str_adjust(str, p return str; }