/** Creates the extension object on the base of its encoded form. */ public static IssuingDistributionPoint decode(byte[] encoding) throws IOException { IssuingDistributionPoint idp = (IssuingDistributionPoint) ASN1.decode(encoding); idp.encoding = encoding; return idp; }
/** * Creates a new LDAP reader that will read messages from the provided socket and trace the * messages using a provided tracer. * * @param socket The socket from which to read the LDAP messages. * @throws IOException If a problem occurs while attempting to obtain an input stream for the * socket. */ public LDAPReader(Socket socket) throws IOException { this.socket = socket; this.debugInputStream = new RecordingInputStream(socket.getInputStream()); this.asn1Reader = ASN1.getReader(debugInputStream); }
/** * Returns ASN.1 encoded form of this X.509 IssuingDistributionPoint value. * * @return a byte array containing ASN.1 encoded form. */ public byte[] getEncoded() { if (encoding == null) { encoding = ASN1.encode(this); } return encoding; }
/** * Returns the encoded of the object. * * @return a byte array containing ASN.1 encoded form. */ public byte[] getEncoded() { if (encoding == null) { encoding = ASN1.encode(keyUsage); } return encoding; }
/** Creates the extension object on the base of its encoded form. */ public KeyUsage(byte[] encoding) throws IOException { super(encoding); this.keyUsage = (boolean[]) ASN1.decode(encoding); }
@JRubyMethod public IRubyObject to_text() { StringBuffer sbe = new StringBuffer(); sbe.append("Certificate Revocation List (CRL):\n"); sbe.append(IND8).append("Version ").append(RubyNumeric.fix2int(version) + 1).append(" (0x"); sbe.append(Integer.toString(RubyNumeric.fix2int(version), 16)).append(")\n"); sbe.append(IND8) .append("Signature Algorithm: ") .append( ASN1.nid2ln( getRuntime(), ASN1.obj2nid( getRuntime(), ((DERObjectIdentifier) ((DERSequence) ((DERSequence) crl_v).getObjectAt(1)).getObjectAt(0))))) .append("\n"); sbe.append(IND8).append("Issuer: ").append(issuer()).append("\n"); sbe.append(IND8) .append("Last Update: ") .append(ASN_DATE.format(((RubyTime) last_update()).getJavaDate())) .append("\n"); if (!next_update().isNil()) { sbe.append(IND8) .append("Next Update: ") .append(ASN_DATE.format(((RubyTime) next_update()).getJavaDate())) .append("\n"); } else { sbe.append(IND8).append("Next Update: NONE\n"); } if (extensions.size() > 0) { sbe.append(IND8).append("CRL extensions\n"); for (Iterator<IRubyObject> iter = extensions.iterator(); iter.hasNext(); ) { X509Extensions.Extension ext = (X509Extensions.Extension) iter.next(); DERObjectIdentifier oiden = ext.getRealOid(); sbe.append(IND12).append(ASN1.o2a(getRuntime(), oiden)).append(": "); if (ext.getRealCritical()) { sbe.append("critical"); } sbe.append("\n"); sbe.append(IND16).append(ext.value()).append("\n"); } } /* 114 rev = X509_CRL_get_REVOKED(x); 115 116 if(sk_X509_REVOKED_num(rev) > 0) 117 BIO_printf(out, "Revoked Certificates:\n"); 118 else BIO_printf(out, "No Revoked Certificates.\n"); 119 120 for(i = 0; i < sk_X509_REVOKED_num(rev); i++) { 121 r = sk_X509_REVOKED_value(rev, i); 122 BIO_printf(out," Serial Number: "); 123 i2a_ASN1_INTEGER(out,r->serialNumber); 124 BIO_printf(out,"\n Revocation Date: "); 125 ASN1_TIME_print(out,r->revocationDate); 126 BIO_printf(out,"\n"); 127 X509V3_extensions_print(out, "CRL entry extensions", 128 r->extensions, 0, 8); 129 } 130 X509_signature_print(out, x->sig_alg, x->signature); 131 */ return getRuntime().newString(sbe.toString()); }
@JRubyMethod(name = "initialize", rest = true, frame = true) public IRubyObject _initialize(IRubyObject[] args, Block block) { extensions = new ArrayList<IRubyObject>(); if (org.jruby.runtime.Arity.checkArgumentCount(getRuntime(), args, 0, 1) == 0) { version = getRuntime().getNil(); issuer = getRuntime().getNil(); last_update = getRuntime().getNil(); next_update = getRuntime().getNil(); revoked = getRuntime().newArray(); return this; } ByteArrayInputStream bis = new ByteArrayInputStream(args[0].convertToString().getBytes()); try { // SunJCE throws java.security.cert.CRLException: Invalid encoding of // AuthorityKeyIdentifierExtension. // FIXME: use BC for now. CertificateFactory cf = OpenSSLReal.getX509CertificateFactoryBC(); crl = (java.security.cert.X509CRL) cf.generateCRL(bis); } catch (GeneralSecurityException gse) { throw newX509CRLError(getRuntime(), gse.getMessage()); } byte[] crl_bytes = args[0].convertToString().getBytes(); // Parse PEM if we ever get passed some PEM contents try { StringReader in = new StringReader(args[0].toString()); byte[] bytes = OpenSSLReal.getFormatHandler().readPEMToDER(in); if (bytes != null) crl_bytes = bytes; in.close(); } catch (Exception e) { // this is not PEM encoded, let's use the default argument } try { crl_v = new ASN1InputStream(new ByteArrayInputStream(crl_bytes)).readObject(); } catch (IOException ioe) { throw newX509CRLError(getRuntime(), ioe.getMessage()); } DEREncodable v0 = ((DERSequence) (((DERSequence) crl_v).getObjectAt(0))).getObjectAt(0); if (v0 instanceof DERInteger) { set_version(getRuntime().newFixnum(((DERInteger) v0).getValue().intValue())); } else { set_version(getRuntime().newFixnum(2)); } set_last_update(RubyTime.newTime(getRuntime(), crl.getThisUpdate().getTime())); set_next_update(RubyTime.newTime(getRuntime(), crl.getNextUpdate().getTime())); RubyString name = RubyString.newString(getRuntime(), crl.getIssuerX500Principal().getEncoded()); set_issuer(Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Name", name)); revoked = getRuntime().newArray(); DERSequence seqa = (DERSequence) ((DERSequence) crl_v).getObjectAt(0); DERObject maybe_ext = (DERObject) seqa.getObjectAt(seqa.size() - 1); if (maybe_ext instanceof DERTaggedObject && ((DERTaggedObject) maybe_ext).getTagNo() == 0) { DERSequence exts = (DERSequence) ((DERTaggedObject) maybe_ext).getObject(); for (int i = 0; i < exts.size(); i++) { DERSequence seq2 = (DERSequence) exts.getObjectAt(i); boolean critical = false; String oid = ((DERObjectIdentifier) seq2.getObjectAt(0)).getId(); if (seq2.getObjectAt(1) == DERBoolean.TRUE) { critical = true; } byte[] value = crl.getExtensionValue(oid); IRubyObject mASN1 = getRuntime().getClassFromPath("OpenSSL::ASN1"); IRubyObject rValue = null; try { rValue = ASN1.decode( mASN1, ASN1.decode(mASN1, RubyString.newString(getRuntime(), value)) .callMethod(getRuntime().getCurrentContext(), "value")); } catch (Exception e) { rValue = RubyString.newString(getRuntime(), value); } X509Extensions.Extension ext1 = (X509Extensions.Extension) Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Extension"); ext1.setRealOid(ext1.getObjectIdentifier(oid)); ext1.setRealValue(rValue); ext1.setRealCritical(critical); add_extension(ext1); } } changed = false; return this; }