class OpenSSL::Engine
此类是访问 openssl 的 ENGINE 加密模块实现的接口。
Public Class Methods
Source
static VALUE
ossl_engine_s_by_id(VALUE klass, VALUE id)
{
ENGINE *e;
VALUE obj;
StringValueCStr(id);
ossl_engine_s_load(1, &id, klass);
obj = NewEngine(klass);
if(!(e = ENGINE_by_id(RSTRING_PTR(id))))
ossl_raise(eEngineError, NULL);
SetEngine(obj, e);
if(rb_block_given_p()) rb_yield(obj);
if(!ENGINE_init(e))
ossl_raise(eEngineError, NULL);
ENGINE_ctrl(e, ENGINE_CTRL_SET_PASSWORD_CALLBACK,
0, NULL, (void(*)(void))ossl_pem_passwd_cb);
ossl_clear_error();
return obj;
}
根据 id String 获取引擎。
OpenSSL::Engine.by_id("openssl")
=> #<OpenSSL::Engine id="openssl" name="Software engine support">
有关当前已加载引擎的信息,请参阅 OpenSSL::Engine.engines。
Source
static VALUE
ossl_engine_s_cleanup(VALUE self)
{
return Qnil;
}
仅当引擎是通过 OpenSSL::Engine.load 加载时,才需要运行 cleanup。不过,建议在退出前运行 cleanup。
请注意,这仅在 OpenSSL < 1.1.0 中需要且有效。
Source
static VALUE
ossl_engine_s_engines(VALUE klass)
{
ENGINE *e;
VALUE ary, obj;
ary = rb_ary_new();
for(e = ENGINE_get_first(); e; e = ENGINE_get_next(e)){
obj = NewEngine(klass);
/* Need a ref count of two here because of ENGINE_free being
* called internally by OpenSSL when moving to the next ENGINE
* and by us when releasing the ENGINE reference */
ENGINE_up_ref(e);
SetEngine(obj, e);
rb_ary_push(ary, obj);
}
return ary;
}
返回当前已加载引擎的数组。
Source
static VALUE
ossl_engine_s_load(int argc, VALUE *argv, VALUE klass)
{
VALUE name;
rb_scan_args(argc, argv, "01", &name);
if(NIL_P(name)){
ENGINE_load_builtin_engines();
return Qtrue;
}
StringValueCStr(name);
OSSL_ENGINE_LOAD_IF_MATCH(dynamic, DYNAMIC);
OSSL_ENGINE_LOAD_IF_MATCH(padlock, PADLOCK);
OSSL_ENGINE_LOAD_IF_MATCH(capi, CAPI);
OSSL_ENGINE_LOAD_IF_MATCH(cryptodev, CRYPTODEV);
OSSL_ENGINE_LOAD_IF_MATCH(openssl, OPENSSL);
rb_warning("no such builtin loader for `%"PRIsVALUE"'", name);
return Qnil;
}
此方法加载引擎。如果 name 为 nil,则加载所有内置引擎。否则,如果给定的 name(作为 String)在您的运行时可用,则加载它并返回 true。如果找不到 name,则返回 nil。
Public Instance Methods
Source
static VALUE
ossl_engine_get_cipher(VALUE self, VALUE name)
{
ENGINE *e;
const EVP_CIPHER *ciph, *tmp;
int nid;
tmp = EVP_get_cipherbyname(StringValueCStr(name));
if(!tmp) ossl_raise(eEngineError, "no such cipher `%"PRIsVALUE"'", name);
nid = EVP_CIPHER_nid(tmp);
GetEngine(self, e);
ciph = ENGINE_get_cipher(e, nid);
if(!ciph) ossl_raise(eEngineError, NULL);
return ossl_cipher_new(ciph);
}
如果此引擎中可用,则根据 name 返回 OpenSSL::Cipher 的新实例。
如果密码不可用,将引发 EngineError。
e = OpenSSL::Engine.by_id("openssl")
=> #<OpenSSL::Engine id="openssl" name="Software engine support">
e.cipher("RC4")
=> #<OpenSSL::Cipher:0x007fc5cacc3048>
Source
static VALUE
ossl_engine_get_cmds(VALUE self)
{
ENGINE *e;
const ENGINE_CMD_DEFN *defn, *p;
VALUE ary, tmp;
GetEngine(self, e);
ary = rb_ary_new();
if ((defn = ENGINE_get_cmd_defns(e)) != NULL){
for (p = defn; p->cmd_num > 0; p++){
tmp = rb_ary_new();
rb_ary_push(tmp, rb_str_new2(p->cmd_name));
rb_ary_push(tmp, rb_str_new2(p->cmd_desc));
rb_ary_push(tmp, ossl_engine_cmd_flag_to_name(p->cmd_flags));
rb_ary_push(ary, tmp);
}
}
return ary;
}
返回当前引擎的命令定义的数组。
Source
static VALUE
ossl_engine_ctrl_cmd(int argc, VALUE *argv, VALUE self)
{
ENGINE *e;
VALUE cmd, val;
int ret;
GetEngine(self, e);
rb_scan_args(argc, argv, "11", &cmd, &val);
ret = ENGINE_ctrl_cmd_string(e, StringValueCStr(cmd),
NIL_P(val) ? NULL : StringValueCStr(val), 0);
if (!ret) ossl_raise(eEngineError, NULL);
return self;
}
将给定的 command 发送给此引擎。
如果命令失败,将引发 EngineError。
Source
static VALUE
ossl_engine_get_digest(VALUE self, VALUE name)
{
ENGINE *e;
const EVP_MD *md, *tmp;
int nid;
tmp = EVP_get_digestbyname(StringValueCStr(name));
if(!tmp) ossl_raise(eEngineError, "no such digest `%"PRIsVALUE"'", name);
nid = EVP_MD_nid(tmp);
GetEngine(self, e);
md = ENGINE_get_digest(e, nid);
if(!md) ossl_raise(eEngineError, NULL);
return ossl_digest_new(md);
}
根据 name 返回 OpenSSL::Digest 的新实例。
如果摘要不可用,将引发 EngineError。
e = OpenSSL::Engine.by_id("openssl") #=> #<OpenSSL::Engine id="openssl" name="Software engine support"> e.digest("SHA1") #=> #<OpenSSL::Digest: da39a3ee5e6b4b0d3255bfef95601890afd80709> e.digest("zomg") #=> OpenSSL::Engine::EngineError: no such digest `zomg'
Source
static VALUE
ossl_engine_finish(VALUE self)
{
ENGINE *e;
GetEngine(self, e);
if(!ENGINE_finish(e)) ossl_raise(eEngineError, NULL);
return Qnil;
}
释放此引擎的所有内部结构引用。
如果引擎不可用,可能会引发 EngineError。
Source
static VALUE
ossl_engine_get_id(VALUE self)
{
ENGINE *e;
GetEngine(self, e);
return rb_str_new2(ENGINE_get_id(e));
}
获取此引擎的 id。
OpenSSL::Engine.load OpenSSL::Engine.engines #=> [#<OpenSSL::Engine#>, ...] OpenSSL::Engine.engines.first.id #=> "rsax"
Source
static VALUE
ossl_engine_inspect(VALUE self)
{
ENGINE *e;
GetEngine(self, e);
return rb_sprintf("#<%"PRIsVALUE" id=\"%s\" name=\"%s\">",
rb_obj_class(self), ENGINE_get_id(e), ENGINE_get_name(e));
}
漂亮打印此引擎。
Source
static VALUE
ossl_engine_load_privkey(int argc, VALUE *argv, VALUE self)
{
ENGINE *e;
EVP_PKEY *pkey;
VALUE id, data, obj;
char *sid, *sdata;
rb_scan_args(argc, argv, "02", &id, &data);
sid = NIL_P(id) ? NULL : StringValueCStr(id);
sdata = NIL_P(data) ? NULL : StringValueCStr(data);
GetEngine(self, e);
pkey = ENGINE_load_private_key(e, sid, NULL, sdata);
if (!pkey) ossl_raise(eEngineError, NULL);
obj = ossl_pkey_wrap(pkey);
OSSL_PKEY_SET_PRIVATE(obj);
return obj;
}
加载给定的由 id 和 data 标识的私钥。
如果 OpenSSL::PKey 不可用,将引发 EngineError。
Source
static VALUE
ossl_engine_load_pubkey(int argc, VALUE *argv, VALUE self)
{
ENGINE *e;
EVP_PKEY *pkey;
VALUE id, data;
char *sid, *sdata;
rb_scan_args(argc, argv, "02", &id, &data);
sid = NIL_P(id) ? NULL : StringValueCStr(id);
sdata = NIL_P(data) ? NULL : StringValueCStr(data);
GetEngine(self, e);
pkey = ENGINE_load_public_key(e, sid, NULL, sdata);
if (!pkey) ossl_raise(eEngineError, NULL);
return ossl_pkey_wrap(pkey);
}
加载给定的由 id 和 data 标识的公钥。
如果 OpenSSL::PKey 不可用,将引发 EngineError。
Source
static VALUE
ossl_engine_get_name(VALUE self)
{
ENGINE *e;
GetEngine(self, e);
return rb_str_new2(ENGINE_get_name(e));
}
获取此引擎的描述性名称。
OpenSSL::Engine.load OpenSSL::Engine.engines #=> [#<OpenSSL::Engine#>, ...] OpenSSL::Engine.engines.first.name #=> "RSAX engine support"
Source
static VALUE
ossl_engine_set_default(VALUE self, VALUE flag)
{
ENGINE *e;
int f = NUM2INT(flag);
GetEngine(self, e);
ENGINE_set_default(e, f);
return Qtrue;
}
使用给定的 flag 设置此引擎的默认值。
这些标志用于控制算法方法的组合。
flag 可以是以下之一,其他标志取决于您的操作系统。
- 所有标志
-
0xFFFF
- 无标志
-
0x0000
另请参阅 <openssl/engine.h>