Method: OpenSSL::OCSP::CertificateId#initialize

Defined in:
ext/openssl/ossl_ocsp.c

#OpenSSL::OCSP::CertificateId.new(subject, issuer, digest = nil) ⇒ Object #OpenSSL::OCSP::CertificateId.new(der_string) ⇒ Object #OpenSSL::OCSP::CertificateId.new(obj) ⇒ Object

Creates a new OpenSSL::OCSP::CertificateId for the given subject and issuer X509 certificates. The digest is a digest algorithm that is used to compute the hash values. This defaults to SHA-1.

If only one argument is given, decodes it as DER representation of a certificate ID or generates certificate ID from the object that responds to the to_der method.



1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
 
# File 'ext/openssl/ossl_ocsp.c', line 1454

static VALUE
ossl_ocspcid_initialize(int argc, VALUE *argv, VALUE self)
{
    OCSP_CERTID *id, *newid;
    VALUE subject, issuer, digest;

    GetOCSPCertId(self, id);
    if (rb_scan_args(argc, argv, "12", &subject, &issuer, &digest) == 1) {
	VALUE arg;
	const unsigned char *p;

	arg = ossl_to_der_if_possible(subject);
	StringValue(arg);
	p = (unsigned char *)RSTRING_PTR(arg);
	newid = d2i_OCSP_CERTID(NULL, &p, RSTRING_LEN(arg));
	if (!newid)
	    ossl_raise(eOCSPError, "d2i_OCSP_CERTID");
    }
    else {
	X509 *x509s, *x509i;
	const EVP_MD *md;

	x509s = GetX509CertPtr(subject); /* NO NEED TO DUP */
	x509i = GetX509CertPtr(issuer); /* NO NEED TO DUP */
	md = !NIL_P(digest) ? ossl_evp_get_digestbyname(digest) : NULL;

	newid = OCSP_cert_to_id(md, x509s, x509i);
	if (!newid)
	    ossl_raise(eOCSPError, "OCSP_cert_to_id");
    }

    SetOCSPCertId(self, newid);
    OCSP_CERTID_free(id);

    return self;
}