Zyre::
Cert class
| Superclass | rb_cObject |
| Extended With |
|
A certificate for Zyre curve authentication.
Refs: - api.zeromq.org/czmq4-0:zcert
Constants
- EMPTY_KEY
The placeholder key that is set as the secret key for a public certificate.
Public Class Methods
Create a certificate from the public_key and secret_key.
static VALUE
rzyre_cert_s_from( VALUE class, VALUE public_key, VALUE secret_key )
{
VALUE self = rzyre_cert_alloc( class );
zcert_t *ptr = NULL;
const char *pub_str = StringValuePtr( public_key ),
*sec_str = StringValuePtr( secret_key );
if ( RSTRING_LEN(public_key) == 32 && RSTRING_LEN(secret_key) == 32 ) {
ptr = zcert_new_from( (const byte *)pub_str, (const byte *)sec_str );
} else if ( RSTRING_LEN(public_key) == 40 && RSTRING_LEN(secret_key) == 40 ) {
#ifdef CZMQ_BUILD_DRAFT_API
ptr = zcert_new_from_txt( pub_str, sec_str );
#else
rb_raise( rb_eNotImpError,
"can't create a key from encoded keys: Czmq was not built with Draft APIs!" );
#endif
}
if ( !ptr ) {
rb_raise( rb_eArgError, "invalid key pair" );
}
RTYPEDDATA_DATA( self ) = ptr;
return self;
}Create a certificate from a saved certificate in the specified filename.
static VALUE
rzyre_cert_s_load( VALUE class, VALUE filename )
{
VALUE self = rzyre_cert_alloc( class );
zcert_t *ptr = zcert_load( StringValueCStr(filename) );
if ( !ptr ) {
rb_raise( rb_eArgError, "failed to load cert from %s", RSTRING_PTR(filename) );
}
RTYPEDDATA_DATA( self ) = ptr;
return self;
}Public Instance Methods
Fetch the value for the cert metadata with the given name.
# File lib/zyre/cert.rb, line 27
def []( name )
return self.meta( name.to_s )
endSet the value for the cert metadata with the given name to value.
# File lib/zyre/cert.rb, line 33
def []=( name, value )
return self.set_meta( name.to_s, value.to_s )
endApply the certificate to the specified zyre_node, i.e. use the cert for CURVE security. If the receiving certificate doesn’t have a private key, an exception will be raised.
# File lib/zyre/cert.rb, line 69
def apply( zyre_node )
return zyre_node.zcert = self
endDelete the value for the cert metadata with the given name. Requires CZMQ to have been built with Draft APIs.
# File lib/zyre/cert.rb, line 50
def delete( name )
name = name.to_s
deleted_val = self[ name ]
self.unset_meta( name )
return deleted_val
endReturn a copy of the certificate.
static VALUE
rzyre_cert_dup( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
zcert_t *other_ptr;
VALUE other = rb_call_super( 0, NULL );
RTYPEDDATA_DATA( other ) = other_ptr = zcert_dup( ptr );
if ( !other_ptr )
rb_raise( rb_eRuntimeError, "couldn't duplicate the cert" );
return other;
}Return true if the other_cert has the same keys.
static VALUE
rzyre_cert_eql_p( VALUE self, VALUE other )
{
zcert_t *ptr = rzyre_get_cert( self ),
*other_ptr = rzyre_get_cert( other );
bool equal = zcert_eq( ptr, other_ptr );
return equal ? Qtrue : Qfalse;
}Returns true if the certificate has a secret key.
# File lib/zyre/cert.rb, line 61
def have_secret_key?
return self.secret_key != EMPTY_KEY
endReturn the metadata value for name from certificate; if the metadata value doesn’t exist, returns nil.
static VALUE
rzyre_cert_meta( VALUE self, VALUE name )
{
zcert_t *ptr = rzyre_get_cert( self );
VALUE rval = Qnil;
const char *name_str = StringValuePtr( name );
const char *value = zcert_meta( ptr, name_str );
if ( value ) rval = rb_str_new_cstr( value );
return rval;
}Return the metadata from the cert as a Hash.
# File lib/zyre/cert.rb, line 39
def meta_hash
hash = self.meta_keys.each_with_object( {} ) do |key, h|
h[ key ] = self[ key ]
end
hash.freeze
return hash
endReturn an Array of metadata field names that belong to the receiver.
static VALUE
rzyre_cert_meta_keys( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
zlist_t *keys = zcert_meta_keys( ptr );
VALUE rary = rb_ary_new();
char *item;
assert( keys );
item = zlist_first( keys );
while ( item ) {
rb_ary_push( rary, rb_str_new_cstr(item) );
item = zlist_next( keys );
}
zlist_destroy( &keys );
return rary;
}Print certificate contents to stdout.
static VALUE
rzyre_cert_print( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
zcert_print( ptr );
return Qtrue;
}Return public part of key pair as 32-byte binary string
static VALUE
rzyre_cert_public_key( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
const byte *key = zcert_public_key( ptr );
VALUE rval = rb_enc_str_new( (const char *)key, 32, rb_ascii8bit_encoding() );
return rval;
}Return public part of key pair as Z85 armored string
static VALUE
rzyre_cert_public_txt( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *key = zcert_public_txt( ptr );
VALUE rval = rb_usascii_str_new( key, 40 );
return rval;
}Save the full certificate (public + secret) to the specified filename. This creates one public file and one secret file (filename + “_secret”).
static VALUE
rzyre_cert_save( VALUE self, VALUE filename )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *filename_str = StringValueCStr( filename );
int result;
result = zcert_save( ptr, filename_str );
if ( result != 0 )
rb_raise( rb_eRuntimeError, "failed to save cert to %s", filename_str );
return Qtrue;
}Save the public certificate only to the specified filename.
static VALUE
rzyre_cert_save_public( VALUE self, VALUE filename )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *filename_str = StringValueCStr( filename );
int result;
result = zcert_save_public( ptr, filename_str );
if ( result != 0 )
rb_raise( rb_eRuntimeError, "failed to save public cert to %s", filename_str );
return Qtrue;
}Save the secret certificate only to the specified filename.
static VALUE
rzyre_cert_save_secret( VALUE self, VALUE filename )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *filename_str = StringValueCStr( filename );
int result;
result = zcert_save_secret( ptr, filename_str );
if ( result != 0 )
rb_raise( rb_eRuntimeError, "failed to save secret cert to %s", filename_str );
return Qtrue;
}Return secret part of key pair as 32-byte binary string
static VALUE
rzyre_cert_secret_key( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
const byte *key = zcert_secret_key( ptr );
VALUE rval = rb_enc_str_new( (const char *)key, 32, rb_ascii8bit_encoding() );
return rval;
}Return secret part of key pair as Z85 armored string
static VALUE
rzyre_cert_secret_txt( VALUE self )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *key = zcert_secret_txt( ptr );
VALUE rval = rb_usascii_str_new( key, 40 );
return rval;
}Set certificate metadata name to value.
static VALUE
rzyre_cert_set_meta( VALUE self, VALUE name, VALUE val )
{
zcert_t *ptr = rzyre_get_cert( self );
const char *key_str = StringValueCStr( name ),
*val_str = StringValueCStr( val );
#ifdef CZMQ_BUILD_DRAFT_API
zcert_unset_meta( ptr, key_str );
#endif
zcert_set_meta( ptr, key_str, "%s", val_str );
return val;
}Unset certificate metadata value for the given +name.
Note: this is a draft method for development use, may change without warning.
static VALUE
rzyre_cert_unset_meta( VALUE self, VALUE name )
{
#ifdef CZMQ_BUILD_DRAFT_API
zcert_t *ptr = rzyre_get_cert( self );
const char *name_str = StringValueCStr( name );
zcert_unset_meta( ptr, name_str );
return Qtrue;
#else
rb_raise( rb_eNotImpError, "Czmq was not built with Draft APIs!" );
#endif // CZMQ_BUILD_DRAFT_API
}