1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* ext/openssl/ossl_x509name.c (ossl_x509name_to_s): add optional

second argument to specify the output format (see also
  X509_NAME_print_ex).

* ext/openssl/ossl_x509name.c (ossl_x509name_init): new constants:
  OpenSSL::X509::Name::COMPAT, OpenSSL::X509::Name::RFC2253,
  OpenSSL::X509::ONELINE, OpenSSL::X509::MULTILINE.

* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name::RFC2253DN):
  new module to provide the parse for RFC2253 DN format.

* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name.parse_rfc2253):
  new method to parse RFC2253 DN format.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6902 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
gotoyuzo 2004-09-13 12:35:25 +00:00
parent f3721195a9
commit 07f245da37
4 changed files with 232 additions and 5 deletions

View file

@ -1,3 +1,19 @@
Mon Sep 13 21:33:40 2004 GOTOU Yuuzou <gotoyuzo@notwork.org>
* ext/openssl/ossl_x509name.c (ossl_x509name_to_s): add optional
second argument to specify the output format (see also
X509_NAME_print_ex).
* ext/openssl/ossl_x509name.c (ossl_x509name_init): new constants:
OpenSSL::X509::Name::COMPAT, OpenSSL::X509::Name::RFC2253,
OpenSSL::X509::ONELINE, OpenSSL::X509::MULTILINE.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name::RFC2253DN):
new module to provide the parse for RFC2253 DN format.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name.parse_rfc2253):
new method to parse RFC2253 DN format.
Mon Sep 13 19:16:33 2004 WATANABE Hirofumi <eban@ruby-lang.org>
* eval.c (blk_copy_prev): need frame_dup(). [ruby-dev:24103]

View file

@ -62,9 +62,92 @@ module OpenSSL
end
class Name
def self.parse(str, template=OBJECT_TYPE_TEMPLATE)
ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
self.new(ary, template)
module RFC2253DN
Special = ',=+<>#;'
HexChar = /[0-9a-fA-F]/
HexPair = /#{HexChar}#{HexChar}/
HexString = /#{HexPair}+/
Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
StringChar = /[^#{Special}\\"]/
QuoteChar = /[^\\"]/
AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
AttributeValue = /
(?!["#])((?:#{StringChar}|#{Pair})*)|
\#(#{HexString})|
"((?:#{QuoteChar}|#{Pair})*)"
/x
TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
module_function
def expand_pair(str)
return nil unless str
return str.gsub(Pair){|pair|
case pair.size
when 2 then pair[1,1]
when 3 then Integer("0x#{pair[1,2]}").chr
else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
end
}
end
def expand_hexstring(str)
return nil unless str
der = str.gsub(HexPair){|hex| Integer("0x#{hex}").chr }
a1 = OpenSSL::ASN1.decode(der)
return a1.value, a1.tag
end
def expand_value(str1, str2, str3)
value = expand_pair(str1)
value, tag = expand_hexstring(str2) unless value
value = expand_pair(str3) unless value
return value, tag
end
def scan(dn)
str = dn
ary = []
while true
if md = TypeAndValue.match(str)
matched = md.to_s
remain = md.post_match
type = md[1]
value, tag = expand_value(md[2], md[3], md[4]) rescue nil
if value
type_and_value = [type, value]
type_and_value.push(tag) if tag
ary.unshift(type_and_value)
if remain.length > 2 && remain[0] == ?,
str = remain[1..-1]
next
elsif remain.length > 2 && remain[0] == ?+
raise OpenSSL::X509::NameError,
"multi-valued RDN is not supported: #{dn}"
elsif remain.empty?
break
end
end
end
msg_dn = dn[0, dn.length - str.length] + " =>" + str
raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
end
return ary
end
end
class <<self
def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
self.new(ary, template)
end
def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
self.new(ary, template)
end
alias parse parse_openssl
end
end
end

View file

@ -158,7 +158,7 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
}
static VALUE
ossl_x509name_to_s(VALUE self)
ossl_x509name_to_s_old(VALUE self)
{
X509_NAME *name;
char *buf;
@ -172,6 +172,30 @@ ossl_x509name_to_s(VALUE self)
return str;
}
static VALUE
ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
{
X509_NAME *name;
VALUE flag, str;
BIO *out;
unsigned long iflag;
GetX509Name(self, name);
rb_scan_args(argc, argv, "01", &flag);
if (NIL_P(flag))
return ossl_x509name_to_s_old(self);
else iflag = NUM2ULONG(flag);
if (!(out = BIO_new(BIO_s_mem())))
rb_raise(eX509NameError, NULL);
if (!X509_NAME_print_ex(out, name, 0, iflag)){
BIO_free(out);
rb_raise(eX509NameError, NULL);
}
str = ossl_membio2str(out);
return str;
}
static VALUE
ossl_x509name_to_a(VALUE self)
{
@ -287,7 +311,7 @@ Init_ossl_x509name()
rb_define_alloc_func(cX509Name, ossl_x509name_alloc);
rb_define_method(cX509Name, "initialize", ossl_x509name_initialize, -1);
rb_define_method(cX509Name, "add_entry", ossl_x509name_add_entry, -1);
rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, 0);
rb_define_method(cX509Name, "to_s", ossl_x509name_to_s, -1);
rb_define_method(cX509Name, "to_a", ossl_x509name_to_a, 0);
rb_define_method(cX509Name, "cmp", ossl_x509name_cmp, 1);
rb_define_alias(cX509Name, "<=>", "cmp");
@ -308,4 +332,9 @@ Init_ossl_x509name()
rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
rb_define_const(cX509Name, "OBJECT_TYPE_TEMPLATE", hash);
rb_define_const(cX509Name, "COMPAT", ULONG2NUM(XN_FLAG_COMPAT));
rb_define_const(cX509Name, "RFC2253", ULONG2NUM(XN_FLAG_RFC2253));
rb_define_const(cX509Name, "ONELINE", ULONG2NUM(XN_FLAG_ONELINE));
rb_define_const(cX509Name, "MULTILINE", ULONG2NUM(XN_FLAG_MULTILINE));
}

View file

@ -138,6 +138,105 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase
assert_equal(OpenSSL::ASN1::PRINTABLESTRING, ary[2][2])
end
def test_s_parse_rfc2253
scanner = OpenSSL::X509::Name::RFC2253DN.method(:scan)
assert_equal([["C", "JP"]], scanner.call("C=JP"))
assert_equal([
["DC", "org"],
["DC", "ruby-lang"],
["CN", "GOTOU Yuuzou"],
["emailAddress", "gotoyuzo@ruby-lang.org"],
],
scanner.call(
"emailAddress=gotoyuzo@ruby-lang.org,CN=GOTOU Yuuzou,"+
"DC=ruby-lang,DC=org")
)
u8 = OpenSSL::ASN1::UTF8STRING
assert_equal([
["DC", "org"],
["DC", "ruby-lang"],
["O", ",=+<>#;"],
["O", ",=+<>#;"],
["OU", ""],
["OU", ""],
["L", "aaa=\"bbb, ccc\""],
["L", "aaa=\"bbb, ccc\""],
["CN", "\345\276\214\350\227\244\350\243\225\350\224\265"],
["CN", "\345\276\214\350\227\244\350\243\225\350\224\265"],
["CN", "\345\276\214\350\227\244\350\243\225\350\224\265"],
["CN", "\345\276\214\350\227\244\350\243\225\350\224\265", u8],
["2.5.4.3", "GOTOU, Yuuzou"],
["2.5.4.3", "GOTOU, Yuuzou"],
["2.5.4.3", "GOTOU, Yuuzou"],
["2.5.4.3", "GOTOU, Yuuzou"],
["CN", "GOTOU \"gotoyuzo\" Yuuzou"],
["CN", "GOTOU \"gotoyuzo\" Yuuzou"],
["1.2.840.113549.1.9.1", "gotoyuzo@ruby-lang.org"],
["emailAddress", "gotoyuzo@ruby-lang.org"],
],
scanner.call(
"emailAddress=gotoyuzo@ruby-lang.org," +
"1.2.840.113549.1.9.1=gotoyuzo@ruby-lang.org," +
'CN=GOTOU \"gotoyuzo\" Yuuzou,' +
'CN="GOTOU \"gotoyuzo\" Yuuzou",' +
'2.5.4.3=GOTOU\,\20Yuuzou,' +
'2.5.4.3=GOTOU\, Yuuzou,' +
'2.5.4.3="GOTOU, Yuuzou",' +
'2.5.4.3="GOTOU\, Yuuzou",' +
"CN=#0C0CE5BE8CE897A4E8A395E894B5," +
'CN=\E5\BE\8C\E8\97\A4\E8\A3\95\E8\94\B5,' +
"CN=\"\xE5\xBE\x8C\xE8\x97\xA4\xE8\xA3\x95\xE8\x94\xB5\"," +
"CN=\xE5\xBE\x8C\xE8\x97\xA4\xE8\xA3\x95\xE8\x94\xB5," +
'L=aaa\=\"bbb\, ccc\",' +
'L="aaa=\"bbb, ccc\"",' +
'OU=,' +
'OU="",' +
'O=\,\=\+\<\>\#\;,' +
'O=",=+<>#;",' +
"DC=ruby-lang," +
"DC=org")
)
[
"DC=org+DC=jp",
"DC=org,DC=ruby-lang+DC=rubyist,DC=www"
].each{|dn|
ex = scanner.call(dn) rescue $!
dn_r = Regexp.escape(dn)
assert_match(/^multi-valued RDN is not supported: #{dn_r}/, ex.message)
}
[
["DC=org,DC=exapmle,CN", "CN"],
["DC=org,DC=example,", ""],
["DC=org,DC=exapmle,CN=www.example.org;", "CN=www.example.org;"],
["DC=org,DC=exapmle,CN=#www.example.org", "CN=#www.example.org"],
["DC=org,DC=exapmle,CN=#777777.example.org", "CN=#777777.example.org"],
["DC=org,DC=exapmle,CN=\"www.example\".org", "CN=\"www.example\".org"],
["DC=org,DC=exapmle,CN=www.\"example.org\"", "CN=www.\"example.org\""],
["DC=org,DC=exapmle,CN=www.\"example\".org", "CN=www.\"example\".org"],
].each{|dn, msg|
ex = scanner.call(dn) rescue $!
assert_match(/^malformed RDN: .*=>#{Regexp.escape(msg)}/, ex.message)
}
dn = "CN=www.ruby-lang.org,DC=ruby-lang,DC=org"
name = OpenSSL::X509::Name.parse_rfc2253(dn)
assert_equal(dn, name.to_s(OpenSSL::X509::Name::RFC2253))
ary = name.to_a
assert_equal("DC", ary[0][0])
assert_equal("DC", ary[1][0])
assert_equal("CN", ary[2][0])
assert_equal("org", ary[0][1])
assert_equal("ruby-lang", ary[1][1])
assert_equal("www.ruby-lang.org", ary[2][1])
assert_equal(OpenSSL::ASN1::IA5STRING, ary[0][2])
assert_equal(OpenSSL::ASN1::IA5STRING, ary[1][2])
assert_equal(OpenSSL::ASN1::UTF8STRING, ary[2][2])
end
def test_add_entry
dn = [
["DC", "org"],