OpenSSL::OCSP::CertificateId
类 OpenSSL :: OCSP :: CertificateId
家长:对象
OpenSSL :: OCSP :: CertificateId 向 CA 标识证书,以便执行状态检查。
公共类方法
OpenSSL :: OCSP :: CertificateId.new(subject,issuer,digest = nil)→certificate_id 显示源代码
OpenSSL::OCSP::CertificateId.new(der_string) → certificate_id
创建一个新的 OpenSSL :: OCSP :: CertificateId 对于给定的subject和issuerX509 证书。在digest被用于计算证书ID和必须是 OpenSSL 的::文摘实例。
如果只给出一个参数,则将其解码为证书 ID 的 DER 表示。
static VALUE
ossl_ocspcid_initialize(int argc, VALUE *argv, VALUE self)
{
OCSP_CERTID *id, *newid;
VALUE subject, issuer, digest;
GetOCSPCertId(self, id
if (rb_scan_args(argc, argv, "12", &subject, &issuer, &digest) == 1) {
VALUE arg;
const unsigned char *p;
arg = ossl_to_der_if_possible(subject
StringValue(arg
p = (unsigned char *)RSTRING_PTR(arg
newid = d2i_OCSP_CERTID(NULL, &p, RSTRING_LEN(arg)
if (!newid)
ossl_raise(eOCSPError, "d2i_OCSP_CERTID"
}
else {
X509 *x509s, *x509i;
const EVP_MD *md;
x509s = GetX509CertPtr(subject /* NO NEED TO DUP */
x509i = GetX509CertPtr(issuer /* NO NEED TO DUP */
md = !NIL_P(digest) ? GetDigestPtr(digest) : NULL;
newid = OCSP_cert_to_id(md, x509s, x509i
if (!newid)
ossl_raise(eOCSPError, "OCSP_cert_to_id"
}
SetOCSPCertId(self, newid
OCSP_CERTID_free(id
return self;
}
公共实例方法
cmp(其他)→true 或 false 显示源
如果它们相同,则将此证书 ID 与其other进行比较并返回true。
static VALUE
ossl_ocspcid_cmp(VALUE self, VALUE other)
{
OCSP_CERTID *id, *id2;
int result;
GetOCSPCertId(self, id
SafeGetOCSPCertId(other, id2
result = OCSP_id_cmp(id, id2
return (result == 0) ? Qtrue : Qfalse;
}
cmp_issuer(其他)→true 或 false 显示来源
如果它们相同,则将此证书ID的颁发者与其other如果它们相同,则将此证书ID的颁发者与其相比较并返回 true。
static VALUE
ossl_ocspcid_cmp_issuer(VALUE self, VALUE other)
{
OCSP_CERTID *id, *id2;
int result;
GetOCSPCertId(self, id
SafeGetOCSPCertId(other, id2
result = OCSP_id_issuer_cmp(id, id2
return (result == 0) ? Qtrue : Qfalse;
}
hash_algorithm→String 显示源
返回用于生成 issuerNameHash 和 issuerKeyHash 值的散列算法的 ln(长名称)。
static VALUE
ossl_ocspcid_get_hash_algorithm(VALUE self)
{
OCSP_CERTID *id;
ASN1_OBJECT *oid;
BIO *out;
GetOCSPCertId(self, id
OCSP_id_get0_info(NULL, &oid, NULL, NULL, id
if (!(out = BIO_new(BIO_s_mem())))
ossl_raise(eOCSPError, "BIO_new"
if (!i2a_ASN1_OBJECT(out, oid)) {
BIO_free(out
ossl_raise(eOCSPError, "i2a_ASN1_OBJECT"
}
return ossl_membio2str(out
}
issuer_key_hash→字符串显示源
返回此证书 ID 的 issuerKeyHash,即发行者公钥的哈希。
static VALUE
ossl_ocspcid_get_issuer_key_hash(VALUE self)
{
OCSP_CERTID *id;
ASN1_OCTET_STRING *key_hash;
VALUE ret;
GetOCSPCertId(self, id
OCSP_id_get0_info(NULL, NULL, &key_hash, NULL, id
ret = rb_str_new(NULL, key_hash->length * 2
ossl_bin2hex(key_hash->data, RSTRING_PTR(ret), key_hash->length
return ret;
}
issuer_name_hash→字符串显示源
返回此证书 ID 的 issuerNameHash,这是使用 hashAlgorithm 计算的颁发者专有名称的哈希。
static VALUE
ossl_ocspcid_get_issuer_name_hash(VALUE self)
{
OCSP_CERTID *id;
ASN1_OCTET_STRING *name_hash;
VALUE ret;
GetOCSPCertId(self, id
OCSP_id_get0_info(&name_hash, NULL, NULL, NULL, id
ret = rb_str_new(NULL, name_hash->length * 2
ossl_bin2hex(name_hash->data, RSTRING_PTR(ret), name_hash->length
return ret;
}
serial → Integer(串行→整数)显示源
返回正在请求状态的证书的序列号。
static VALUE
ossl_ocspcid_get_serial(VALUE self)
{
OCSP_CERTID *id;
ASN1_INTEGER *serial;
GetOCSPCertId(self, id
OCSP_id_get0_info(NULL, NULL, NULL, &serial, id
return asn1integer_to_num(serial
}
to_der→ String 显示源
将此证书标识符编码为 DER 编码的字符串。
static VALUE
ossl_ocspcid_to_der(VALUE self)
{
OCSP_CERTID *id;
VALUE str;
long len;
unsigned char *p;
GetOCSPCertId(self, id
if ((len = i2d_OCSP_CERTID(id, NULL)) <= 0)
ossl_raise(eOCSPError, NULL
str = rb_str_new(0, len
p = (unsigned char *)RSTRING_PTR(str
if (i2d_OCSP_CERTID(id, &p) <= 0)
ossl_raise(eOCSPError, NULL
ossl_str_adjust(str, p
return str;
}
