Ruby 2.4
OpenSSL

OpenSSL::X509::StoreContext

class OpenSSL::X509::StoreContext

父类:Object

StoreContext用于验证单个证书并保存涉及的状态。

公共类方法

新(商店,证书=零,链=零)显示源

static VALUE ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) { VALUE store, cert, chain, t; X509_STORE_CTX *ctx; X509_STORE *x509st; X509 *x509 = NULL; STACK_OF(X509) *x509s = NULL; rb_scan_args(argc, argv, "12", &store, &cert, &chain GetX509StCtx(self, ctx SafeGetX509Store(store, x509st if(!NIL_P(cert)) x509 = DupX509CertPtr(cert /* NEED TO DUP */ if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain if(X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){ sk_X509_pop_free(x509s, X509_free ossl_raise(eX509StoreError, NULL } if (!NIL_P(t = rb_iv_get(store, "@time"))) ossl_x509stctx_set_time(self, t rb_iv_set(self, "@verify_callback", rb_iv_get(store, "@verify_callback") rb_iv_set(self, "@cert", cert return self; }

公共实例方法

链→X509 ::证书显示源数组

static VALUE ossl_x509stctx_get_chain(VALUE self) { X509_STORE_CTX *ctx; STACK_OF(X509) *chain; X509 *x509; int i, num; VALUE ary; GetX509StCtx(self, ctx if((chain = X509_STORE_CTX_get0_chain(ctx)) == NULL){ return Qnil; } if((num = sk_X509_num(chain)) < 0){ OSSL_Debug("certs in chain < 0???" return rb_ary_new( } ary = rb_ary_new2(num for(i = 0; i < num; i++) { x509 = sk_X509_value(chain, i rb_ary_push(ary, ossl_x509_new(x509) } return ary; }

清理(​​)显示源

# File ext/openssl/lib/openssl/x509.rb, line 157 def cleanup warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE end

current_cert→X509 ::证书显示源

static VALUE ossl_x509stctx_get_curr_cert(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx return ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx) }

current_crl→X509 :: CRL显示源

static VALUE ossl_x509stctx_get_curr_crl(VALUE self) { X509_STORE_CTX *ctx; X509_CRL *crl; GetX509StCtx(self, ctx crl = X509_STORE_CTX_get0_current_crl(ctx if (!crl) return Qnil; return ossl_x509crl_new(crl }

错误→整数显示源

static VALUE ossl_x509stctx_get_err(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx return INT2NUM(X509_STORE_CTX_get_error(ctx) }

错误= error_code显示源

static VALUE ossl_x509stctx_set_error(VALUE self, VALUE err) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx X509_STORE_CTX_set_error(ctx, NUM2INT(err) return err; }

error_depth→整数显示来源

static VALUE ossl_x509stctx_get_err_depth(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx return INT2NUM(X509_STORE_CTX_get_error_depth(ctx) }

error_string→String显示源文件

返回与由错误检索到的错误代码相对应的错误字符串。

static VALUE ossl_x509stctx_get_err_string(VALUE self) { X509_STORE_CTX *ctx; long err; GetX509StCtx(self, ctx err = X509_STORE_CTX_get_error(ctx return rb_str_new2(X509_verify_cert_error_string(err) }

flags = flags显示源文件

将验证标志设置为上下文。请参阅OpenSSL :: X509 :: Store#flags =。

static VALUE ossl_x509stctx_set_flags(VALUE self, VALUE flags) { X509_STORE_CTX *store; long f = NUM2LONG(flags GetX509StCtx(self, store X509_STORE_CTX_set_flags(store, f return flags; }

目的=目的显示源

设置上下文的目的。请参阅OpenSSL :: X509 :: Store#purpose =。

static VALUE ossl_x509stctx_set_purpose(VALUE self, VALUE purpose) { X509_STORE_CTX *store; int p = NUM2INT(purpose GetX509StCtx(self, store X509_STORE_CTX_set_purpose(store, p return purpose; }

时间=时间显示来源

设置验证中使用的时间。如果未设置,则使用当前时间。

static VALUE ossl_x509stctx_set_time(VALUE self, VALUE time) { X509_STORE_CTX *store; long t; t = NUM2LONG(rb_Integer(time) GetX509StCtx(self, store X509_STORE_CTX_set_time(store, 0, t return time; }

信任=信任显示源

static VALUE ossl_x509stctx_set_trust(VALUE self, VALUE trust) { X509_STORE_CTX *store; int t = NUM2INT(trust GetX509StCtx(self, store X509_STORE_CTX_set_trust(store, t return trust; }

验证→true | 假显示源

static VALUE ossl_x509stctx_verify(VALUE self) { X509_STORE_CTX *ctx; GetX509StCtx(self, ctx X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, (void *)rb_iv_get(self, "@verify_callback") switch (X509_verify_cert(ctx)) { case 1: return Qtrue; case 0: ossl_clear_error( return Qfalse; default: ossl_raise(eX509CertError, NULL } }