@JRubyMethod(name = "next_update=") public IRubyObject set_next_update(IRubyObject val) { changed = true; next_update = val.callMethod(getRuntime().getCurrentContext(), "getutc"); ((RubyTime) next_update).setMicroseconds(0); generator.setNextUpdate(((RubyTime) next_update).getJavaDate()); this.next_update = val; return val; }
@JRubyMethod(name = "issuer=") public IRubyObject set_issuer(IRubyObject val) { if (!val.equals(this.issuer)) { changed = true; } this.issuer = val; generator.setIssuerDN(((X509Name) issuer).getRealName()); return val; }
@JRubyMethod public IRubyObject sign(final IRubyObject key, IRubyObject digest) { // System.err.println("WARNING: unimplemented method called: CRL#sign"); // Have to obey some artificial constraints of the OpenSSL implementation. Stupid. String keyAlg = ((PKey) key).getAlgorithm(); String digAlg = ((Digest) digest).getShortAlgorithm(); if (("DSA".equalsIgnoreCase(keyAlg) && "MD5".equalsIgnoreCase(digAlg)) || ("RSA".equalsIgnoreCase(keyAlg) && "DSS1".equals(((Digest) digest).name().toString())) || ("DSA".equalsIgnoreCase(keyAlg) && "SHA1".equals(((Digest) digest).name().toString()))) { throw newX509CRLError(getRuntime(), null); } sig_alg = getRuntime().newString(digAlg); generator.setSignatureAlgorithm(digAlg + "WITH" + keyAlg); for (IRubyObject obj : ((RubyArray) revoked).toJavaArray()) { X509Revoked rev = (X509Revoked) obj; // TODO: can throw CCE BigInteger serial = new BigInteger(rev.callMethod(getRuntime().getCurrentContext(), "serial").toString()); IRubyObject t1 = rev.callMethod(getRuntime().getCurrentContext(), "time") .callMethod(getRuntime().getCurrentContext(), "getutc"); ((RubyTime) t1).setMicroseconds(0); // Extensions ignored, for now generator.addCRLEntry( serial, ((RubyTime) t1).getJavaDate(), new org.bouncycastle.asn1.x509.X509Extensions(new Hashtable())); } try { for (Iterator<IRubyObject> iter = extensions.iterator(); iter.hasNext(); ) { X509Extensions.Extension ag = (X509Extensions.Extension) iter.next(); generator.addExtension(ag.getRealOid(), ag.getRealCritical(), ag.getRealValueBytes()); } } catch (IOException ioe) { throw newX509CRLError(getRuntime(), ioe.getMessage()); } try { // X509V2CRLGenerator(generator) depends BC. OpenSSLReal.doWithBCProvider( new OpenSSLReal.Runnable() { public void run() throws GeneralSecurityException { crl = generator.generate(((PKey) key).getPrivateKey(), "BC"); } }); } catch (GeneralSecurityException gse) { throw newX509CRLError(getRuntime(), gse.getMessage()); } try { crl_v = new ASN1InputStream(new ByteArrayInputStream(crl.getEncoded())).readObject(); } catch (CRLException crle) { throw newX509CRLError(getRuntime(), crle.getMessage()); } catch (IOException ioe) { throw newX509CRLError(getRuntime(), ioe.getMessage()); } DERSequence v1 = (DERSequence) (((DERSequence) crl_v).getObjectAt(0)); ASN1EncodableVector build1 = new ASN1EncodableVector(); int copyIndex = 0; if (v1.getObjectAt(0) instanceof DERInteger) { copyIndex++; } build1.add(new DERInteger(new java.math.BigInteger(version.toString()))); while (copyIndex < v1.size()) { build1.add(v1.getObjectAt(copyIndex++)); } ASN1EncodableVector build2 = new ASN1EncodableVector(); build2.add(new DERSequence(build1)); build2.add(((DERSequence) crl_v).getObjectAt(1)); build2.add(((DERSequence) crl_v).getObjectAt(2)); crl_v = new DERSequence(build2); changed = false; return this; }