Class: OpenSSL::X509::Name

Inherits:

Object

• Object
• OpenSSL::X509::Name

Includes:

Comparable

Defined in:

ossl_x509name.c,
lib/openssl/x509.rb,
ossl_x509name.c

Overview

An X.509 name represents a hostname, email address or other entity associated with a public key.

You can create a Name by parsing a distinguished name String or by supplying the distinguished name as an Array.

name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'

name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]

Defined Under Namespace

Modules: RFC2253DN

Constant Summary

DEFAULT_OBJECT_TYPE =

The default object type for name entries.

utf8str

OBJECT_TYPE_TEMPLATE =

The default object type template for name entries.

hash

COMPAT =

A flag for #to_s.

Breaks the name returned into multiple lines if longer than 80 characters.

ULONG2NUM(XN_FLAG_COMPAT)

RFC2253 =

A flag for #to_s.

Returns an RFC2253 format name.

ULONG2NUM(XN_FLAG_RFC2253)

ONELINE =

A flag for #to_s.

Returns a more readable format than RFC2253.

ULONG2NUM(XN_FLAG_ONELINE)

MULTILINE =

A flag for #to_s.

Returns a multiline format.

ULONG2NUM(XN_FLAG_MULTILINE)

Class Method Summary

• .parse_openssl(str, template = OBJECT_TYPE_TEMPLATE) ⇒ Object (also: parse)
• .parse_rfc2253(str, template = OBJECT_TYPE_TEMPLATE) ⇒ Object

Instance Method Summary

• #add_entry(oid, value[, type]) ⇒ self

  Adds a new entry with the given oid and value to this name.

• #cmp(other) ⇒ Object (also: #<=>)

  Compares this Name with other and returns 0 if they are the same and -1 or +1 if they are greater or less than each other respectively.

• #eql?(other) ⇒ Boolean

  Returns true if name and other refer to the same hash key.

• #hash ⇒ Integer

  The hash value returned is suitable for use as a certificate’s filename in a CA path.

• #hash_old ⇒ Integer

  Returns an MD5 based hash used in OpenSSL 0.9.X.

• #initialize(*args) ⇒ Object constructor

  Creates a new Name.

• #pretty_print(q) ⇒ Object
• #to_a ⇒ Array

  Returns an Array representation of the distinguished name suitable for passing to ::new.

• #to_der ⇒ String

  Converts the name to DER encoding.

• #to_s(*args) ⇒ Object

  Returns this name as a Distinguished Name string.

Constructor Details

#X509::Name.new ⇒ Object #X509::Name.new(der) ⇒ Object #X509::Name.new(distinguished_name) ⇒ Object #X509::Name.new(distinguished_name, template) ⇒ Object

Creates a new Name.

A name may be created from a DER encoded string der, an Array representing a distinguished_name or a distinguished_name along with a template.

name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']]

name = OpenSSL::X509::Name.new name.to_der

See add_entry for a description of the distinguished_name Array’s contents

# File 'ossl_x509name.c', line 146

static VALUE
ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
{
    X509_NAME *name;
    VALUE arg, template;

    GetX509Name(self, name);
    if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
	return self;
    }
    else {
	VALUE tmp = rb_check_array_type(arg);
	if (!NIL_P(tmp)) {
	    VALUE args;
	    if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE;
	    args = rb_ary_new3(2, self, template);
	    rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
	}
	else{
	    const unsigned char *p;
	    VALUE str = ossl_to_der_if_possible(arg);
	    X509_NAME *x;
	    StringValue(str);
	    p = (unsigned char *)RSTRING_PTR(str);
	    x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
	    DATA_PTR(self) = name;
	    if(!x){
		ossl_raise(eX509NameError, NULL);
	    }
	}
    }

    return self;
}

Class Method Details

.parse_openssl(str, template = OBJECT_TYPE_TEMPLATE) ⇒ Object Also known as: parse

# File 'lib/openssl/x509.rb', line 147

def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
  ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
  self.new(ary, template)
end

.parse_rfc2253(str, template = OBJECT_TYPE_TEMPLATE) ⇒ Object

# File 'lib/openssl/x509.rb', line 142

def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
  ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
  self.new(ary, template)
end

Instance Method Details

#add_entry(oid, value[, type]) ⇒ self

Adds a new entry with the given oid and value to this name. The oid is an object identifier defined in ASN.1. Some common OIDs are:

C

Country Name

CN

Common Name

DC

Domain Component

O

Organization Name

OU

Organizational Unit Name

ST

State or Province Name

Returns:

• (self)

# File 'ossl_x509name.c', line 195

static
VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
{
    X509_NAME *name;
    VALUE oid, value, type;
    const char *oid_name;

    rb_scan_args(argc, argv, "21", &oid, &value, &type);
    oid_name = StringValueCStr(oid);
    StringValue(value);
    if(NIL_P(type)) type = rb_aref(OBJECT_TYPE_TEMPLATE, oid);
    GetX509Name(self, name);
    if (!X509_NAME_add_entry_by_txt(name, oid_name, NUM2INT(type),
		(const unsigned char *)RSTRING_PTR(value), RSTRING_LENINT(value), -1, 0)) {
	ossl_raise(eX509NameError, NULL);
    }

    return self;
}

#other ⇒ Integer #<=>(other) ⇒ Integer Also known as: <=>

Compares this Name with other and returns 0 if they are the same and -1 or +1 if they are greater or less than each other respectively.

Overloads:

• #other ⇒ Integer

  Returns:

  • (Integer)
• #<=>(other) ⇒ Integer

  Returns:

  • (Integer)

# File 'ossl_x509name.c', line 332

static VALUE
ossl_x509name_cmp(VALUE self, VALUE other)
{
    int result;

    result = ossl_x509name_cmp0(self, other);
    if (result < 0) return INT2FIX(-1);
    if (result > 1) return INT2FIX(1);

    return INT2FIX(0);
}

#eql?(other) ⇒ Boolean

Returns true if name and other refer to the same hash key.

Returns:

• (Boolean)

# File 'ossl_x509name.c', line 350

static VALUE
ossl_x509name_eql(VALUE self, VALUE other)
{
    int result;

    if(CLASS_OF(other) != cX509Name) return Qfalse;
    result = ossl_x509name_cmp0(self, other);

    return (result == 0) ? Qtrue : Qfalse;
}

#hash ⇒ Integer

The hash value returned is suitable for use as a certificate’s filename in a CA path.

Returns:

• (Integer)

# File 'ossl_x509name.c', line 368

static VALUE
ossl_x509name_hash(VALUE self)
{
    X509_NAME *name;
    unsigned long hash;

    GetX509Name(self, name);

    hash = X509_NAME_hash(name);

    return ULONG2NUM(hash);
}

#hash_old ⇒ Integer

Returns an MD5 based hash used in OpenSSL 0.9.X.

Returns:

• (Integer)

# File 'ossl_x509name.c', line 388

static VALUE
ossl_x509name_hash_old(VALUE self)
{
    X509_NAME *name;
    unsigned long hash;

    GetX509Name(self, name);

    hash = X509_NAME_hash_old(name);

    return ULONG2NUM(hash);
}

#pretty_print(q) ⇒ Object

# File 'lib/openssl/x509.rb', line 155

def pretty_print(q)
  q.object_group(self) {
    q.text ' '
    q.text to_s(OpenSSL::X509::Name::RFC2253)
  }
end

#to_a ⇒ Array

Returns an Array representation of the distinguished name suitable for passing to ::new

Returns:

• (Array)

# File 'ossl_x509name.c', line 273

static VALUE
ossl_x509name_to_a(VALUE self)
{
    X509_NAME *name;
    X509_NAME_ENTRY *entry;
    int i,entries,nid;
    char long_name[512];
    const char *short_name;
    VALUE ary, vname, ret;

    GetX509Name(self, name);
    entries = X509_NAME_entry_count(name);
    if (entries < 0) {
	OSSL_Debug("name entries < 0!");
	return rb_ary_new();
    }
    ret = rb_ary_new2(entries);
    for (i=0; i<entries; i++) {
	if (!(entry = X509_NAME_get_entry(name, i))) {
	    ossl_raise(eX509NameError, NULL);
	}
	if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) {
	    ossl_raise(eX509NameError, NULL);
	}
	nid = OBJ_ln2nid(long_name);
	if (nid == NID_undef) {
	    vname = rb_str_new2((const char *) &long_name);
	} else {
	    short_name = OBJ_nid2sn(nid);
	    vname = rb_str_new2(short_name); /*do not free*/
	}
	ary = rb_ary_new3(3,
			  vname,
        		  rb_str_new((const char *)entry->value->data, entry->value->length),
        		  INT2FIX(entry->value->type));
	rb_ary_push(ret, ary);
    }
    return ret;
}

#to_der ⇒ String

Converts the name to DER encoding

Returns:

• (String)

# File 'ossl_x509name.c', line 408

static VALUE
ossl_x509name_to_der(VALUE self)
{
    X509_NAME *name;
    VALUE str;
    long len;
    unsigned char *p;

    GetX509Name(self, name);
    if((len = i2d_X509_NAME(name, NULL)) <= 0)
	ossl_raise(eX509NameError, NULL);
    str = rb_str_new(0, len);
    p = (unsigned char *)RSTRING_PTR(str);
    if(i2d_X509_NAME(name, &p) <= 0)
	ossl_raise(eX509NameError, NULL);
    ossl_str_adjust(str, p);

    return str;
}

#to_s ⇒ String #to_s(flags) ⇒ String

Returns this name as a Distinguished Name string. flags may be one of:

• OpenSSL::X509::Name::COMPAT

• OpenSSL::X509::Name::RFC2253

• OpenSSL::X509::Name::ONELINE

• OpenSSL::X509::Name::MULTILINE

Overloads:

• #to_s ⇒ String

  Returns:

  • (String)
• #to_s(flags) ⇒ String

  Returns:

  • (String)

# File 'ossl_x509name.c', line 242

static VALUE
ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
{
    X509_NAME *name;
    VALUE flag, str;
    BIO *out;
    unsigned long iflag;

    rb_scan_args(argc, argv, "01", &flag);
    if (NIL_P(flag))
	return ossl_x509name_to_s_old(self);
    else iflag = NUM2ULONG(flag);
    if (!(out = BIO_new(BIO_s_mem())))
	ossl_raise(eX509NameError, NULL);
    GetX509Name(self, name);
    if (!X509_NAME_print_ex(out, name, 0, iflag)){
	BIO_free(out);
	ossl_raise(eX509NameError, NULL);
    }
    str = ossl_membio2str(out);

    return str;
}