File: C:/Ruby27-x64/share/doc/ruby/html/OpenSSL/PKCS12.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>class OpenSSL::PKCS12 - RDoc Documentation</title>
<script type="text/javascript">
var rdoc_rel_prefix = "../";
var index_rel_prefix = "../";
</script>
<script src="../js/navigation.js" defer></script>
<script src="../js/search.js" defer></script>
<script src="../js/search_index.js" defer></script>
<script src="../js/searcher.js" defer></script>
<script src="../js/darkfish.js" defer></script>
<link href="../css/fonts.css" rel="stylesheet">
<link href="../css/rdoc.css" rel="stylesheet">
<body id="top" role="document" class="class">
<nav role="navigation">
<div id="project-navigation">
<div id="home-section" role="region" title="Quick navigation" class="nav-section">
<h2>
<a href="../index.html" rel="home">Home</a>
</h2>
<div id="table-of-contents-navigation">
<a href="../table_of_contents.html#pages">Pages</a>
<a href="../table_of_contents.html#classes">Classes</a>
<a href="../table_of_contents.html#methods">Methods</a>
</div>
</div>
<div id="search-section" role="search" class="project-section initially-hidden">
<form action="#" method="get" accept-charset="utf-8">
<div id="search-field-wrapper">
<input id="search-field" role="combobox" aria-label="Search"
aria-autocomplete="list" aria-controls="search-results"
type="text" name="search" placeholder="Search" spellcheck="false"
title="Type to search, Up and Down to navigate, Enter to load">
</div>
<ul id="search-results" aria-label="Search Results"
aria-busy="false" aria-expanded="false"
aria-atomic="false" class="initially-hidden"></ul>
</form>
</div>
</div>
<div id="class-metadata">
<div id="parent-class-section" class="nav-section">
<h3>Parent</h3>
<p class="link"><a href="../Object.html">Object</a>
</div>
<!-- Method Quickref -->
<div id="method-list-section" class="nav-section">
<h3>Methods</h3>
<ul class="link-list" role="directory">
<li ><a href="#method-c-create">::create</a>
<li ><a href="#method-c-new">::new</a>
<li ><a href="#method-i-initialize_copy">#initialize_copy</a>
<li ><a href="#method-i-to_der">#to_der</a>
</ul>
</div>
</div>
</nav>
<main role="main" aria-labelledby="class-OpenSSL::PKCS12">
<h1 id="class-OpenSSL::PKCS12" class="class">
class OpenSSL::PKCS12
</h1>
<section class="description">
<p>Defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key.</p>
</section>
<section id="5Buntitled-5D" class="documentation-section">
<section class="attribute-method-details" class="method-section">
<header>
<h3>Attributes</h3>
</header>
<div id="attribute-i-ca_certs" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">ca_certs</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
<div id="attribute-i-certificate" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">certificate</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
<div id="attribute-i-key" class="method-detail">
<div class="method-heading attribute-method-heading">
<span class="method-name">key</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
</section>
<section id="public-class-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Class Methods</h3>
</header>
<div id="method-c-create" class="method-detail ">
<div class="method-heading">
<span class="method-callseq">
create(pass, name, key, cert [, ca, [, key_pbe [, cert_pbe [, key_iter [, mac_iter [, keytype]]]]]])
</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<h3 id="method-c-create-label-Parameters">Parameters<span><a href="#method-c-create-label-Parameters">¶</a> <a href="#top">↑</a></span></h3>
<ul><li>
<p><em>pass</em> - string</p>
</li><li>
<p><em>name</em> - A string describing the key.</p>
</li><li>
<p><em>key</em> - Any <a href="PKey.html"><code>PKey</code></a>.</p>
</li><li>
<p><em>cert</em> - A <a href="X509/Certificate.html"><code>X509::Certificate</code></a>.</p>
<ul><li>
<p>The public_key portion of the certificate must contain a valid public key.</p>
</li><li>
<p>The not_before and not_after fields must be filled in.</p>
</li></ul>
</li><li>
<p><em>ca</em> - An optional array of X509::Certificate's.</p>
</li><li>
<p><em>key_pbe</em> - string</p>
</li><li>
<p><em>cert_pbe</em> - string</p>
</li><li>
<p><em>key_iter</em> - integer</p>
</li><li>
<p><em>mac_iter</em> - integer</p>
</li><li>
<p><em>keytype</em> - An integer representing an MSIE specific extension.</p>
</li></ul>
<p>Any optional arguments may be supplied as <code>nil</code> to preserve the <a href="../OpenSSL.html"><code>OpenSSL</code></a> defaults.</p>
<p>See the <a href="../OpenSSL.html"><code>OpenSSL</code></a> documentation for PKCS12_create().</p>
<div class="method-source-code" id="create-source">
<pre>static VALUE
ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self)
{
VALUE pass, name, pkey, cert, ca, key_nid, cert_nid, key_iter, mac_iter, keytype;
VALUE obj;
char *passphrase, *friendlyname;
EVP_PKEY *key;
X509 *x509;
STACK_OF(X509) *x509s;
int nkey = 0, ncert = 0, kiter = 0, miter = 0, ktype = 0;
PKCS12 *p12;
rb_scan_args(argc, argv, "46", &pass, &name, &pkey, &cert, &ca, &key_nid, &cert_nid, &key_iter, &mac_iter, &keytype);
passphrase = NIL_P(pass) ? NULL : StringValueCStr(pass);
friendlyname = NIL_P(name) ? NULL : StringValueCStr(name);
key = GetPKeyPtr(pkey);
x509 = GetX509CertPtr(cert);
/* TODO: make a VALUE to nid function */
if (!NIL_P(key_nid)) {
if ((nkey = OBJ_txt2nid(StringValueCStr(key_nid))) == NID_undef)
ossl_raise(rb_eArgError, "Unknown PBE algorithm %"PRIsVALUE, key_nid);
}
if (!NIL_P(cert_nid)) {
if ((ncert = OBJ_txt2nid(StringValueCStr(cert_nid))) == NID_undef)
ossl_raise(rb_eArgError, "Unknown PBE algorithm %"PRIsVALUE, cert_nid);
}
if (!NIL_P(key_iter))
kiter = NUM2INT(key_iter);
if (!NIL_P(mac_iter))
miter = NUM2INT(mac_iter);
if (!NIL_P(keytype))
ktype = NUM2INT(keytype);
obj = NewPKCS12(cPKCS12);
x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca);
p12 = PKCS12_create(passphrase, friendlyname, key, x509, x509s,
nkey, ncert, kiter, miter, ktype);
sk_X509_pop_free(x509s, X509_free);
if(!p12) ossl_raise(ePKCS12Error, NULL);
SetPKCS12(obj, p12);
ossl_pkcs12_set_key(obj, pkey);
ossl_pkcs12_set_cert(obj, cert);
ossl_pkcs12_set_ca_certs(obj, ca);
return obj;
}</pre>
</div>
</div>
</div>
<div id="method-c-new" class="method-detail ">
<div class="method-heading">
<span class="method-callseq">
new → pkcs12
</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-heading">
<span class="method-callseq">
new(str) → pkcs12
</span>
</div>
<div class="method-heading">
<span class="method-callseq">
new(str, pass) → pkcs12
</span>
</div>
<div class="method-description">
<h3 id="method-c-new-label-Parameters">Parameters<span><a href="#method-c-new-label-Parameters">¶</a> <a href="#top">↑</a></span></h3>
<ul><li>
<p><em>str</em> - Must be a DER encoded <a href="PKCS12.html"><code>PKCS12</code></a> string.</p>
</li><li>
<p><em>pass</em> - string</p>
</li></ul>
<div class="method-source-code" id="new-source">
<pre>static VALUE
ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self)
{
BIO *in;
VALUE arg, pass, pkey, cert, ca;
char *passphrase;
EVP_PKEY *key;
X509 *x509;
STACK_OF(X509) *x509s = NULL;
int st = 0;
PKCS12 *pkcs = DATA_PTR(self);
if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) return self;
passphrase = NIL_P(pass) ? NULL : StringValueCStr(pass);
in = ossl_obj2bio(&arg);
d2i_PKCS12_bio(in, &pkcs);
DATA_PTR(self) = pkcs;
BIO_free(in);
pkey = cert = ca = Qnil;
/* OpenSSL's bug; PKCS12_parse() puts errors even if it succeeds.
* Fixed in OpenSSL 1.0.0t, 1.0.1p, 1.0.2d */
ERR_set_mark();
if(!PKCS12_parse(pkcs, passphrase, &key, &x509, &x509s))
ossl_raise(ePKCS12Error, "PKCS12_parse");
ERR_pop_to_mark();
if (key) {
pkey = rb_protect((VALUE (*)(VALUE))ossl_pkey_new, (VALUE)key, &st);
if (st) goto err;
}
if (x509) {
cert = rb_protect((VALUE (*)(VALUE))ossl_x509_new, (VALUE)x509, &st);
if (st) goto err;
}
if (x509s) {
ca = rb_protect((VALUE (*)(VALUE))ossl_x509_sk2ary, (VALUE)x509s, &st);
if (st) goto err;
}
err:
X509_free(x509);
sk_X509_pop_free(x509s, X509_free);
ossl_pkcs12_set_key(self, pkey);
ossl_pkcs12_set_cert(self, cert);
ossl_pkcs12_set_ca_certs(self, ca);
if(st) rb_jump_tag(st);
return self;
}</pre>
</div>
</div>
</div>
</section>
<section id="public-instance-5Buntitled-5D-method-details" class="method-section">
<header>
<h3>Public Instance Methods</h3>
</header>
<div id="method-i-initialize_copy" class="method-detail ">
<div class="method-heading">
<span class="method-name">initialize_copy</span><span
class="method-args">(p1)</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="initialize_copy-source">
<pre>static VALUE
ossl_pkcs12_initialize_copy(VALUE self, VALUE other)
{
PKCS12 *p12, *p12_old, *p12_new;
rb_check_frozen(self);
GetPKCS12(self, p12_old);
GetPKCS12(other, p12);
p12_new = ASN1_dup((i2d_of_void *)i2d_PKCS12, (d2i_of_void *)d2i_PKCS12, (char *)p12);
if (!p12_new)
ossl_raise(ePKCS12Error, "ASN1_dup");
SetPKCS12(self, p12_new);
PKCS12_free(p12_old);
return self;
}</pre>
</div>
</div>
</div>
<div id="method-i-to_der" class="method-detail ">
<div class="method-heading">
<span class="method-name">to_der</span><span
class="method-args">()</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="to_der-source">
<pre>static VALUE
ossl_pkcs12_to_der(VALUE self)
{
PKCS12 *p12;
VALUE str;
long len;
unsigned char *p;
GetPKCS12(self, p12);
if((len = i2d_PKCS12(p12, NULL)) <= 0)
ossl_raise(ePKCS12Error, NULL);
str = rb_str_new(0, len);
p = (unsigned char *)RSTRING_PTR(str);
if(i2d_PKCS12(p12, &p) <= 0)
ossl_raise(ePKCS12Error, NULL);
ossl_str_adjust(str, p);
return str;
}</pre>
</div>
</div>
</div>
</section>
</section>
</main>
<footer id="validator-badges" role="contentinfo">
<p><a href="https://validator.w3.org/check/referer">Validate</a>
<p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.2.1.1.
<p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
</footer>