/** Creates the extension object from its encoded form. */
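 public static IssuingDistributionPoint decode(byte[] encoding) throws IOException {
   // ASN1 is declared outside this snippet; its decode() result is cast to the extension type.
   IssuingDistributionPoint idp = (IssuingDistributionPoint) ASN1.decode(encoding);
   // Keep a private copy of the input. Storing the caller's array by reference would let a later
   // write to that array change the cached encoding without changing the decoded object, so the
   // two could silently disagree.
   idp.encoding = encoding.clone();
   return idp;
 }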
示例#2
 /**
  * Creates a new LDAP reader that will read messages from the provided socket and trace the
  * messages using a provided tracer.
  *
  * @param socket The socket from which to read the LDAP messages.
  * @throws IOException If a problem occurs while attempting to obtain an input stream for the
  *     socket.
  */
 public LDAPReader(Socket socket) throws IOException {
   // Only a socket is accepted here; no tracer object is passed in. Every byte the ASN.1 reader
   // consumes goes through the RecordingInputStream wrapper created below.
   // NOTE(review): if that wrapper retains what it reads, LDAP bind requests (which carry
   // credentials) would be captured too - confirm recording is off unless debugging is enabled.
   this.socket = socket;
   this.debugInputStream = new RecordingInputStream(this.socket.getInputStream());
   this.asn1Reader = ASN1.getReader(this.debugInputStream);
 }
 /**
  * Returns ASN.1 encoded form of this X.509 IssuingDistributionPoint value.
  *
  * @return a byte array containing ASN.1 encoded form.
  */
 public byte[] getEncoded() {
   // Encode lazily: the first call serialises this object and stores the bytes, later calls
   // reuse the stored value.
   byte[] cached = encoding;
   if (cached == null) {
     cached = ASN1.encode(this);
     encoding = cached;
   }
   // NOTE(review): this hands out the cached array itself, not a copy, so a caller that writes
   // to it changes what every later call returns.
   return cached;
 }
示例#4
 /**
  * Returns the encoded form of the object.
  *
  * @return a byte array containing ASN.1 encoded form.
  */
 public byte[] getEncoded() {
   // Fast path: an encoding was already supplied or computed earlier.
   if (encoding != null) {
     return encoding;
   }
   // Otherwise build it once from the keyUsage field and remember it.
   // NOTE(review): the stored array is returned directly (no copy); callers must treat it as
   // read-only.
   encoding = ASN1.encode(keyUsage);
   return encoding;
 }
示例#5
 /** Creates the extension object from its encoded form. */
 public KeyUsage(byte[] encoding) throws IOException {
   // The superclass constructor receives the raw bytes unchanged.
   super(encoding);
   // Decode the same bytes and keep the result as the boolean[] stored in keyUsage. The cast
   // fails with ClassCastException if ASN1.decode() yields anything else.
   final Object decoded = ASN1.decode(encoding);
   this.keyUsage = (boolean[]) decoded;
 }
示例#6
 /**
  * Renders a human-readable summary of this CRL: version, signature algorithm, issuer, last and
  * next update, and the CRL-level extensions.
  *
  * <p>The revoked-certificate entries and the signature value are NOT part of the output (the
  * original carried the corresponding OpenSSL C printing code only as a commented-out
  * reference), so this text cannot be used to check which serial numbers are revoked.
  *
  * @return a new Ruby string holding the rendered text
  */
 @JRubyMethod
 public IRubyObject to_text() {
   final int rawVersion = RubyNumeric.fix2int(version);
   final StringBuilder text = new StringBuilder();

   text.append("Certificate Revocation List (CRL):\n");
   // The displayed version is the stored value plus one; the stored value follows in hex.
   text.append(IND8).append("Version ").append(rawVersion + 1);
   text.append(" (0x").append(Integer.toString(rawVersion, 16)).append(")\n");

   // Walk the parsed structure: outer sequence, element 1, then element 0 of that, which is
   // cast to an object identifier and printed under the "Signature Algorithm" label.
   // NOTE(review): crl_v is dereferenced and cast without a check - confirm it is always set
   // before this method can be called (the zero-argument initialize path is worth checking).
   DERSequence outer = (DERSequence) crl_v;
   DERSequence algorithmSeq = (DERSequence) outer.getObjectAt(1);
   DERObjectIdentifier algorithmOid = (DERObjectIdentifier) algorithmSeq.getObjectAt(0);
   text.append(IND8)
       .append("Signature Algorithm: ")
       .append(ASN1.nid2ln(getRuntime(), ASN1.obj2nid(getRuntime(), algorithmOid)))
       .append("\n");

   text.append(IND8).append("Issuer: ").append(issuer()).append("\n");

   text.append(IND8)
       .append("Last Update: ")
       .append(ASN_DATE.format(((RubyTime) last_update()).getJavaDate()))
       .append("\n");

   // A nil next_update is printed as the literal NONE.
   if (next_update().isNil()) {
     text.append(IND8).append("Next Update: NONE\n");
   } else {
     text.append(IND8)
         .append("Next Update: ")
         .append(ASN_DATE.format(((RubyTime) next_update()).getJavaDate()))
         .append("\n");
   }

   if (!extensions.isEmpty()) {
     text.append(IND8).append("CRL extensions\n");
     for (Object entry : extensions) {
       X509Extensions.Extension ext = (X509Extensions.Extension) entry;
       DERObjectIdentifier extOid = ext.getRealOid();
       // One header line per extension ("<oid>: [critical]"), then its value on the next line.
       text.append(IND12).append(ASN1.o2a(getRuntime(), extOid)).append(": ");
       text.append(ext.getRealCritical() ? "critical" : "");
       text.append("\n");
       text.append(IND16).append(ext.value()).append("\n");
     }
   }

   // TODO: revoked entries (serial number, revocation date, entry extensions) and the
   // signature are not printed yet.
   return getRuntime().newString(text.toString());
 }
示例#7
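  /**
   * Ruby-visible {@code initialize}. With no argument it leaves an empty CRL (nil fields, empty
   * revoked list). With one argument it parses that argument as an encoded CRL and fills in
   * version, last/next update, issuer and the CRL-level extensions.
   *
   * <p>The argument is parsed twice: once by the BC certificate factory (into {@code crl}) and
   * once as a raw ASN.1 structure (into {@code crl_v}), the latter after an optional PEM-to-DER
   * conversion. The input is caller-supplied data; the structural casts below are not guarded
   * individually.
   *
   * @param args zero or one argument; the optional argument is the encoded CRL
   * @param block unused in this method
   * @return this object
   */
  @JRubyMethod(name = "initialize", rest = true, frame = true)
  public IRubyObject _initialize(IRubyObject[] args, Block block) {
    extensions = new ArrayList<IRubyObject>();
    if (org.jruby.runtime.Arity.checkArgumentCount(getRuntime(), args, 0, 1) == 0) {
      version = getRuntime().getNil();
      issuer = getRuntime().getNil();
      last_update = getRuntime().getNil();
      next_update = getRuntime().getNil();
      revoked = getRuntime().newArray();
      return this;
    }

    ByteArrayInputStream bis = new ByteArrayInputStream(args[0].convertToString().getBytes());
    try {
      // SunJCE throws java.security.cert.CRLException: Invalid encoding of
      // AuthorityKeyIdentifierExtension.
      // FIXME: use BC for now.
      CertificateFactory cf = OpenSSLReal.getX509CertificateFactoryBC();
      crl = (java.security.cert.X509CRL) cf.generateCRL(bis);
    } catch (GeneralSecurityException gse) {
      throw newX509CRLError(getRuntime(), gse.getMessage());
    }
    // NOTE(review): crl is used below without a null check - confirm the factory cannot return
    // null for empty or trailing input.

    byte[] crl_bytes = args[0].convertToString().getBytes();
    // Parse PEM if we ever get passed some PEM contents
    try {
      StringReader in = new StringReader(args[0].toString());
      byte[] bytes = OpenSSLReal.getFormatHandler().readPEMToDER(in);
      if (bytes != null) crl_bytes = bytes;
      in.close();
    } catch (Exception ignored) {
      // Deliberate best effort: the input is not PEM encoded, so keep the raw argument bytes.
    }

    try {
      crl_v = new ASN1InputStream(new ByteArrayInputStream(crl_bytes)).readObject();
    } catch (IOException ioe) {
      throw newX509CRLError(getRuntime(), ioe.getMessage());
    }

    // First element of the first inner sequence: an integer there is taken as the version.
    // NOTE(review): when no integer is present the version is set to 2 - confirm that default.
    DEREncodable v0 = ((DERSequence) (((DERSequence) crl_v).getObjectAt(0))).getObjectAt(0);
    if (v0 instanceof DERInteger) {
      set_version(getRuntime().newFixnum(((DERInteger) v0).getValue().intValue()));
    } else {
      set_version(getRuntime().newFixnum(2));
    }
    set_last_update(RubyTime.newTime(getRuntime(), crl.getThisUpdate().getTime()));
    // X509CRL.getNextUpdate() returns null when the CRL carries no nextUpdate field.
    // Dereferencing it unconditionally made such CRLs fail with a NullPointerException; store
    // nil instead, as the zero-argument path does.
    if (crl.getNextUpdate() == null) {
      next_update = getRuntime().getNil();
    } else {
      set_next_update(RubyTime.newTime(getRuntime(), crl.getNextUpdate().getTime()));
    }
    RubyString name = RubyString.newString(getRuntime(), crl.getIssuerX500Principal().getEncoded());
    set_issuer(Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Name", name));

    revoked = getRuntime().newArray();

    // The extensions, when present, are the last element of the first inner sequence, wrapped
    // in a tagged object with tag number 0.
    DERSequence seqa = (DERSequence) ((DERSequence) crl_v).getObjectAt(0);
    DERObject maybe_ext = (DERObject) seqa.getObjectAt(seqa.size() - 1);
    if (maybe_ext instanceof DERTaggedObject && ((DERTaggedObject) maybe_ext).getTagNo() == 0) {
      DERSequence exts = (DERSequence) ((DERTaggedObject) maybe_ext).getObject();
      for (int i = 0; i < exts.size(); i++) {
        DERSequence seq2 = (DERSequence) exts.getObjectAt(i);
        String oid = ((DERObjectIdentifier) seq2.getObjectAt(0)).getId();
        // Compare the boolean by value. An identity test against DERBoolean.TRUE is only true
        // when the parser hands back that shared constant; a freshly parsed instance would make
        // a critical extension be recorded as non-critical.
        DEREncodable second = seq2.getObjectAt(1);
        boolean critical = second instanceof DERBoolean && ((DERBoolean) second).isTrue();
        byte[] value = crl.getExtensionValue(oid);
        IRubyObject mASN1 = getRuntime().getClassFromPath("OpenSSL::ASN1");
        IRubyObject rValue = null;
        try {
          // Decode the extension value, then decode the "value" of that result once more.
          rValue =
              ASN1.decode(
                  mASN1,
                  ASN1.decode(mASN1, RubyString.newString(getRuntime(), value))
                      .callMethod(getRuntime().getCurrentContext(), "value"));
        } catch (Exception e) {
          // Fall back to the undecoded bytes when either decoding step fails.
          rValue = RubyString.newString(getRuntime(), value);
        }
        X509Extensions.Extension ext1 =
            (X509Extensions.Extension)
                Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Extension");
        ext1.setRealOid(ext1.getObjectIdentifier(oid));
        ext1.setRealValue(rValue);
        ext1.setRealCritical(critical);
        add_extension(ext1);
      }
    }

    // Loading from an encoding is not a modification; reset the flag once the fields are set.
    changed = false;
    return this;
  }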