/* Wraps a new Ruby object of class klass with the
 * ossl_pkcs7_signer_info_type descriptor and a null data pointer (the
 * third argument is 0). SetPKCS7si stores the PKCS7_SIGNER_INFO afterwards. */
12#define NewPKCS7si(klass) \
13 TypedData_Wrap_Struct((klass), &ossl_pkcs7_signer_info_type, 0)
14#define SetPKCS7si(obj, p7si) do { \
16 ossl_raise(rb_eRuntimeError, "PKCS7si wasn't initialized."); \
18 RTYPEDDATA_DATA(obj) = (p7si); \
20#define GetPKCS7si(obj, p7si) do { \
21 TypedData_Get_Struct((obj), PKCS7_SIGNER_INFO, &ossl_pkcs7_signer_info_type, (p7si)); \
23 ossl_raise(rb_eRuntimeError, "PKCS7si wasn't initialized."); \
/* Wraps a new Ruby object of class klass with the
 * ossl_pkcs7_recip_info_type descriptor and a null data pointer (the
 * third argument is 0). SetPKCS7ri stores the PKCS7_RECIP_INFO afterwards. */
27#define NewPKCS7ri(klass) \
28 TypedData_Wrap_Struct((klass), &ossl_pkcs7_recip_info_type, 0)
29#define SetPKCS7ri(obj, p7ri) do { \
31 ossl_raise(rb_eRuntimeError, "PKCS7ri wasn't initialized."); \
33 RTYPEDDATA_DATA(obj) = (p7ri); \
35#define GetPKCS7ri(obj, p7ri) do { \
36 TypedData_Get_Struct((obj), PKCS7_RECIP_INFO, &ossl_pkcs7_recip_info_type, (p7ri)); \
38 ossl_raise(rb_eRuntimeError, "PKCS7ri wasn't initialized."); \
/* Element count of a true array, narrowed to int. The result is wrong if
 * ary has decayed to a pointer, because sizeof then measures the pointer. */
42#define numberof(ary) (int)(sizeof(ary)/sizeof((ary)[0]))
/* Accessors for the Ruby instance variables @data and @error_string on
 * object o, implemented with rb_iv_set / rb_iv_get. */
44#define ossl_pkcs7_set_data(o,v) rb_iv_set((o), "@data", (v))
45#define ossl_pkcs7_get_data(o) rb_iv_get((o), "@data")
46#define ossl_pkcs7_set_err_string(o,v) rb_iv_set((o), "@error_string", (v))
47#define ossl_pkcs7_get_err_string(o) rb_iv_get((o), "@error_string")
58ossl_pkcs7_free(
void *
ptr)
72ossl_pkcs7_signer_info_free(
void *
ptr)
74 PKCS7_SIGNER_INFO_free(
ptr);
78 "OpenSSL/PKCS7/SIGNER_INFO",
80 0, ossl_pkcs7_signer_info_free,
86ossl_pkcs7_recip_info_free(
void *
ptr)
88 PKCS7_RECIP_INFO_free(
ptr);
92 "OpenSSL/PKCS7/RECIP_INFO",
94 0, ossl_pkcs7_recip_info_free,
103static PKCS7_SIGNER_INFO *
104ossl_PKCS7_SIGNER_INFO_dup(
const PKCS7_SIGNER_INFO *si)
106 return (PKCS7_SIGNER_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO,
107 (d2i_of_void *)d2i_PKCS7_SIGNER_INFO,
111static PKCS7_RECIP_INFO *
112ossl_PKCS7_RECIP_INFO_dup(
const PKCS7_RECIP_INFO *si)
114 return (PKCS7_RECIP_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO,
115 (d2i_of_void *)d2i_PKCS7_RECIP_INFO,
120ossl_pkcs7si_new(PKCS7_SIGNER_INFO *p7si)
122 PKCS7_SIGNER_INFO *pkcs7;
126 pkcs7 = p7si ? ossl_PKCS7_SIGNER_INFO_dup(p7si) : PKCS7_SIGNER_INFO_new();
133static PKCS7_SIGNER_INFO *
134DupPKCS7SignerPtr(
VALUE obj)
136 PKCS7_SIGNER_INFO *p7si, *pkcs7;
139 if (!(pkcs7 = ossl_PKCS7_SIGNER_INFO_dup(p7si))) {
147ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
149 PKCS7_RECIP_INFO *pkcs7;
153 pkcs7 = p7ri ? ossl_PKCS7_RECIP_INFO_dup(p7ri) : PKCS7_RECIP_INFO_new();
160static PKCS7_RECIP_INFO *
161DupPKCS7RecipientPtr(
VALUE obj)
163 PKCS7_RECIP_INFO *p7ri, *pkcs7;
166 if (!(pkcs7 = ossl_PKCS7_RECIP_INFO_dup(p7ri))) {
178ossl_pkcs7_s_read_smime(
VALUE klass,
VALUE arg)
187 pkcs7 = SMIME_read_PKCS7(
in, &
out);
205 VALUE pkcs7, data, flags;
215 if(!
NIL_P(data) && PKCS7_is_detached(p7))
216 flg |= PKCS7_DETACHED;
218 if(!(
out = BIO_new(BIO_s_mem()))){
222 if(!SMIME_write_PKCS7(
out, p7,
in, flg)){
240 VALUE cert,
key, data, certs, flags;
257 x509s = ossl_protect_x509_ary2sk(certs, &status);
263 if(!(pkcs7 = PKCS7_sign(x509, pkey, x509s,
in, flg))){
265 sk_X509_pop_free(x509s, X509_free);
272 sk_X509_pop_free(x509s, X509_free);
284 VALUE certs, data, cipher, flags;
287 const EVP_CIPHER *ciph;
/*
 * Build-time selection of the cipher assigned to ciph; ciph is passed to
 * PKCS7_encrypt() further down. The first branch is taken whenever RC2 is
 * compiled in, so the selected cipher is RC2 with a 40-bit key. That is
 * export-grade strength and should not be relied on for confidentiality.
 * NOTE(review): presumably this chain is the fallback used when the caller
 * supplies no cipher; the enclosing condition is not visible in this
 * excerpt, so confirm. Callers that need real confidentiality should pass
 * an explicit modern cipher (for example an AES mode) rather than depend
 * on this selection.
 * NOTE(review): the third branch repeats the first branch's condition and
 * can never be taken. The AES branch names EVP_EVP_aes_128_cbc, which looks
 * like a doubled prefix of EVP_aes_128_cbc and would fail to build if that
 * branch were ever selected.
 */
294#if !defined(OPENSSL_NO_RC2)
295 ciph = EVP_rc2_40_cbc();
296#elif !defined(OPENSSL_NO_DES)
297 ciph = EVP_des_ede3_cbc();
298#elif !defined(OPENSSL_NO_RC2)
299 ciph = EVP_rc2_40_cbc();
300#elif !defined(OPENSSL_NO_AES)
301 ciph = EVP_EVP_aes_128_cbc();
311 x509s = ossl_protect_x509_ary2sk(certs, &status);
316 if(!(p7 = PKCS7_encrypt(x509s,
in, (EVP_CIPHER*)ciph, flg))){
318 sk_X509_pop_free(x509s, X509_free);
324 sk_X509_pop_free(x509s, X509_free);
330ossl_pkcs7_alloc(
VALUE klass)
336 if (!(pkcs7 = PKCS7_new())) {
362 p7 = PEM_read_bio_PKCS7(
in, &pkcs,
NULL,
NULL);
365 p7 = d2i_PKCS7_bio(
in, &pkcs);
384 PKCS7 *a, *b, *pkcs7;
387 if (self == other)
return self;
392 pkcs7 = PKCS7_dup(b);
409 static const struct {
413 {
"signed", NID_pkcs7_signed },
414 {
"data", NID_pkcs7_data },
415 {
"signedAndEnveloped", NID_pkcs7_signedAndEnveloped },
416 {
"enveloped", NID_pkcs7_enveloped },
417 {
"encrypted", NID_pkcs7_encrypted },
418 {
"digest", NID_pkcs7_digest },
428 if(
strlen(p7_type_tab[i].
name) != l)
continue;
429 if(strcmp(p7_type_tab[i].
name, s) == 0){
430 ret = p7_type_tab[i].nid;
448 if(!PKCS7_set_type(p7, ossl_pkcs7_sym2typeid(
type)))
459ossl_pkcs7_get_type(
VALUE self)
464 if(PKCS7_type_is_signed(p7))
466 if(PKCS7_type_is_encrypted(p7))
468 if(PKCS7_type_is_enveloped(p7))
470 if(PKCS7_type_is_signedAndEnveloped(p7))
472 if(PKCS7_type_is_data(p7))
478ossl_pkcs7_set_detached(
VALUE self,
VALUE flag)
485 if(!PKCS7_set_detached(p7, flag ==
Qtrue ? 1 : 0))
492ossl_pkcs7_get_detached(
VALUE self)
500ossl_pkcs7_detached_p(
VALUE self)
508ossl_pkcs7_set_cipher(
VALUE self,
VALUE cipher)
521ossl_pkcs7_add_signer(
VALUE self,
VALUE signer)
524 PKCS7_SIGNER_INFO *p7si;
526 p7si = DupPKCS7SignerPtr(signer);
528 if (!PKCS7_add_signer(pkcs7, p7si)) {
529 PKCS7_SIGNER_INFO_free(p7si);
532 if (PKCS7_type_is_signed(pkcs7)){
533 PKCS7_add_signed_attribute(p7si, NID_pkcs9_contentType,
534 V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));
541ossl_pkcs7_get_signer(
VALUE self)
545 PKCS7_SIGNER_INFO *si;
550 if (!(sk = PKCS7_get_signer_info(pkcs7))) {
551 OSSL_Debug(
"OpenSSL::PKCS7#get_signer_info == NULL!");
554 if ((
num = sk_PKCS7_SIGNER_INFO_num(sk)) < 0) {
558 for (i=0; i<
num; i++) {
559 si = sk_PKCS7_SIGNER_INFO_value(sk, i);
567ossl_pkcs7_add_recipient(
VALUE self,
VALUE recip)
570 PKCS7_RECIP_INFO *ri;
572 ri = DupPKCS7RecipientPtr(recip);
574 if (!PKCS7_add_recipient_info(pkcs7, ri)) {
575 PKCS7_RECIP_INFO_free(ri);
583ossl_pkcs7_get_recipient(
VALUE self)
587 PKCS7_RECIP_INFO *si;
/*
 * Pick the recipient-info stack from the content member that matches the
 * PKCS7 type.
 * NOTE(review): d.enveloped and d.signed_and_enveloped are dereferenced
 * directly after the type test. If the structure came from parsed input and
 * its content pointer is NULL, this would fault unless an earlier check
 * rules that out. No such check is visible in this excerpt, so confirm.
 */
592 if (PKCS7_type_is_enveloped(pkcs7))
593 sk = pkcs7->d.enveloped->recipientinfo;
594 else if (PKCS7_type_is_signedAndEnveloped(pkcs7))
595 sk = pkcs7->d.signed_and_enveloped->recipientinfo;
598 if ((
num = sk_PKCS7_RECIP_INFO_num(sk)) < 0) {
602 for (i=0; i<
num; i++) {
603 si = sk_PKCS7_RECIP_INFO_value(sk, i);
611ossl_pkcs7_add_certificate(
VALUE self,
VALUE cert)
618 if (!PKCS7_add_certificate(pkcs7, x509)){
626pkcs7_get_certs(
VALUE self)
633 i = OBJ_obj2nid(pkcs7->type);
635 case NID_pkcs7_signed:
636 certs = pkcs7->d.sign->cert;
638 case NID_pkcs7_signedAndEnveloped:
639 certs = pkcs7->d.signed_and_enveloped->cert;
649pkcs7_get_crls(
VALUE self)
656 i = OBJ_obj2nid(pkcs7->type);
658 case NID_pkcs7_signed:
659 crls = pkcs7->d.sign->crl;
661 case NID_pkcs7_signedAndEnveloped:
662 crls = pkcs7->d.signed_and_enveloped->crl;
674 return ossl_pkcs7_add_certificate(arg, i);
678ossl_pkcs7_set_certificates(
VALUE self,
VALUE ary)
683 certs = pkcs7_get_certs(self);
684 while((cert = sk_X509_pop(certs))) X509_free(cert);
691ossl_pkcs7_get_certificates(
VALUE self)
704 if (!PKCS7_add_crl(pkcs7, x509crl)) {
714 return ossl_pkcs7_add_crl(arg, i);
723 crls = pkcs7_get_crls(self);
724 while((crl = sk_X509_CRL_pop(crls))) X509_CRL_free(crl);
731ossl_pkcs7_get_crls(
VALUE self)
739 VALUE certs, store, indata, flags;
742 int flg, ok, status = 0;
756 x509s = ossl_protect_x509_ary2sk(certs, &status);
762 if(!(
out = BIO_new(BIO_s_mem()))){
764 sk_X509_pop_free(x509s, X509_free);
767 ok = PKCS7_verify(p7, x509s, x509st,
in,
out, flg);
769 sk_X509_pop_free(x509s, X509_free);
771 msg = ERR_reason_error_string(ERR_peek_error());
783 VALUE pkey, cert, flags;
796 if(!(
out = BIO_new(BIO_s_mem())))
798 if(!PKCS7_decrypt(p7,
key, x509,
out, flg)){
816 if(PKCS7_type_is_signed(pkcs7)){
817 if(!PKCS7_content_new(pkcs7, NID_pkcs7_data))
821 if(!(
out = PKCS7_dataInit(pkcs7,
NULL)))
goto err;
828 if(!PKCS7_dataFinal(pkcs7,
out))
goto err;
834 if(ERR_peek_error()){
842ossl_pkcs7_to_der(
VALUE self)
850 if((
len = i2d_PKCS7(pkcs7,
NULL)) <= 0)
854 if(i2d_PKCS7(pkcs7, &p) <= 0)
862ossl_pkcs7_to_pem(
VALUE self)
869 if (!(
out = BIO_new(BIO_s_mem()))) {
872 if (!PEM_write_bio_PKCS7(
out, pkcs7)) {
885ossl_pkcs7si_alloc(
VALUE klass)
887 PKCS7_SIGNER_INFO *p7si;
891 if (!(p7si = PKCS7_SIGNER_INFO_new())) {
902 PKCS7_SIGNER_INFO *p7si;
911 if (!(PKCS7_SIGNER_INFO_set(p7si, x509, pkey, (EVP_MD*)md))) {
919ossl_pkcs7si_get_issuer(
VALUE self)
921 PKCS7_SIGNER_INFO *p7si;
929ossl_pkcs7si_get_serial(
VALUE self)
931 PKCS7_SIGNER_INFO *p7si;
939ossl_pkcs7si_get_signed_time(
VALUE self)
941 PKCS7_SIGNER_INFO *p7si;
946 if (!(asn1obj = PKCS7_get_signed_attribute(p7si, NID_pkcs9_signingTime))) {
949 if (asn1obj->type == V_ASN1_UTCTIME) {
965ossl_pkcs7ri_alloc(
VALUE klass)
967 PKCS7_RECIP_INFO *p7ri;
971 if (!(p7ri = PKCS7_RECIP_INFO_new())) {
980ossl_pkcs7ri_initialize(
VALUE self,
VALUE cert)
982 PKCS7_RECIP_INFO *p7ri;
987 if (!PKCS7_RECIP_INFO_set(p7ri, x509)) {
995ossl_pkcs7ri_get_issuer(
VALUE self)
997 PKCS7_RECIP_INFO *p7ri;
1005ossl_pkcs7ri_get_serial(
VALUE self)
1007 PKCS7_RECIP_INFO *p7ri;
1015ossl_pkcs7ri_get_enc_key(
VALUE self)
1017 PKCS7_RECIP_INFO *p7ri;
/* Defines a constant on cPKCS7 whose name is the stringized x and whose
 * value is the integer PKCS7_x converted with INT2NUM. */
1086#define DefPKCS7Const(x) rb_define_const(cPKCS7, #x, INT2NUM(PKCS7_##x))