Example 6 with RubyFixnum
use of org.jruby.RubyFixnum in project jruby-openssl by jruby.
the class OCSPBasicResponse method verify.
@JRubyMethod(name = "verify", rest = true)
public IRubyObject verify(final ThreadContext context, IRubyObject[] args) {
Ruby runtime = context.runtime;
int flags = 0;
IRubyObject certificates = args[0];
IRubyObject store = args[1];
boolean ret = false;
if (Arity.checkArgumentCount(runtime, args, 2, 3) == 3) {
flags = RubyFixnum.fix2int(args[2]);
}
JcaContentVerifierProviderBuilder jcacvpb = new JcaContentVerifierProviderBuilder();
jcacvpb.setProvider("BC");
BasicOCSPResp basicOCSPResp = getBasicOCSPResp();
java.security.cert.Certificate signer = findSignerCert(context, asn1BCBasicOCSPResp, convertRubyCerts(certificates), flags);
if (signer == null)
return RubyBoolean.newBoolean(runtime, false);
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOINTERN))) == 0 && (flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_TRUSTOTHER))) != 0) {
flags |= RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOVERIFY));
}
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOSIGS))) == 0) {
PublicKey sPKey = signer.getPublicKey();
if (sPKey == null)
return RubyBoolean.newBoolean(runtime, false);
try {
ContentVerifierProvider cvp = jcacvpb.build(sPKey);
ret = basicOCSPResp.isSignatureValid(cvp);
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
}
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOVERIFY))) == 0) {
List<X509Cert> untrustedCerts = null;
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCHAIN))) != 0) {
} else if (basicOCSPResp.getCerts() != null && (certificates != null && !((RubyArray) certificates).isEmpty())) {
untrustedCerts = getCertsFromResp();
Iterator<java.security.cert.Certificate> certIt = ((RubyArray) certificates).iterator();
while (certIt.hasNext()) {
try {
untrustedCerts.add(X509Cert.wrap(context, certIt.next().getEncoded()));
} catch (CertificateEncodingException e) {
throw newOCSPError(runtime, e);
}
}
} else {
untrustedCerts = getCertsFromResp();
}
RubyArray rUntrustedCerts = RubyArray.newEmptyArray(runtime);
if (untrustedCerts != null) {
X509Cert[] rubyCerts = new X509Cert[untrustedCerts.size()];
rUntrustedCerts = RubyArray.newArray(runtime, untrustedCerts.toArray(rubyCerts));
}
X509StoreContext ctx;
try {
ctx = X509StoreContext.newStoreContext(context, (X509Store) store, X509Cert.wrap(runtime, signer), rUntrustedCerts);
} catch (CertificateEncodingException e) {
throw newOCSPError(runtime, e);
}
ctx.set_purpose(context, _X509(runtime).getConstant("PURPOSE_OCSP_HELPER"));
ret = ctx.verify(context).isTrue();
IRubyObject chain = ctx.chain(context);
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCHECKS))) > 0) {
ret = true;
}
try {
if (checkIssuer(getBasicOCSPResp(), chain))
return RubyBoolean.newBoolean(runtime, true);
} catch (IOException e) {
throw newOCSPError(runtime, e);
}
if ((flags & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCHAIN))) != 0) {
return RubyBoolean.newBoolean(runtime, ret);
} else {
X509Cert rootCA = (X509Cert) ((RubyArray) chain).last();
PublicKey rootKey = rootCA.getAuxCert().getPublicKey();
try {
// check if self-signed and valid (trusts itself)
rootCA.getAuxCert().verify(rootKey);
ret = true;
} catch (Exception e) {
ret = false;
}
}
}
return RubyBoolean.newBoolean(runtime, ret);
}
Also used :
RubyArray(org.jruby.RubyArray)
PublicKey(java.security.PublicKey)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
IRubyObject(org.jruby.runtime.builtin.IRubyObject)
RubyFixnum(org.jruby.RubyFixnum)
RaiseException(org.jruby.exceptions.RaiseException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
JcaContentVerifierProviderBuilder(org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder)
BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)
Iterator(java.util.Iterator)
Ruby(org.jruby.Ruby)
ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 7 with RubyFixnum
use of org.jruby.RubyFixnum in project propane by ruby-processing.
the class Vec3 method toVertexUV.
/**
* Sends this Vec3D as a processing vertex uv
*
* @param context ThreadContext
* @param args IRubyObject[]
*/
@JRubyMethod(name = "to_vertex_uv", rest = true)
public void toVertexUV(ThreadContext context, IRubyObject... args) {
int count = args.length;
double u = 0;
double v = 0;
if (count == 3) {
u = args[1] instanceof RubyFloat ? ((RubyFloat) args[1]).getValue() : ((RubyFixnum) args[1]).getDoubleValue();
v = args[2] instanceof RubyFloat ? ((RubyFloat) args[2]).getValue() : ((RubyFixnum) args[2]).getDoubleValue();
}
if (count == 2) {
Vec2 texture = (Vec2) args[1].toJava(Vec2.class);
u = texture.javax();
v = texture.javay();
}
JRender renderer = (JRender) args[0].toJava(JRender.class);
renderer.vertex(jx, jy, jz, u, v);
}
Also used :
Vec2(monkstone.vecmath.vec2.Vec2)
RubyFloat(org.jruby.RubyFloat)
JRender(monkstone.vecmath.JRender)
RubyFixnum(org.jruby.RubyFixnum)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 8 with RubyFixnum
use of org.jruby.RubyFixnum in project jruby-openssl by jruby.
the class OCSPBasicResponse method sign.
@JRubyMethod(name = "sign", rest = true)
public IRubyObject sign(final ThreadContext context, IRubyObject[] args) {
Ruby runtime = context.getRuntime();
int flag = 0;
IRubyObject additionalCerts = context.nil;
IRubyObject flags = context.nil;
IRubyObject digest = context.nil;
Digest digestInstance = new Digest(runtime, _Digest(runtime));
List<X509CertificateHolder> addlCerts = new ArrayList<X509CertificateHolder>();
switch(Arity.checkArgumentCount(runtime, args, 2, 5)) {
case 3:
additionalCerts = args[2];
break;
case 4:
additionalCerts = args[2];
flags = args[3];
break;
case 5:
additionalCerts = args[2];
flags = args[3];
digest = args[4];
break;
default:
break;
}
if (digest.isNil())
digest = digestInstance.initialize(context, new IRubyObject[] { RubyString.newString(runtime, "SHA1") });
if (!flags.isNil())
flag = RubyFixnum.fix2int(flags);
if (additionalCerts.isNil())
flag |= RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCERTS));
X509Cert signer = (X509Cert) args[0];
PKey signerKey = (PKey) args[1];
String keyAlg = signerKey.getAlgorithm();
String digAlg = ((Digest) digest).getShortAlgorithm();
JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(digAlg + "with" + keyAlg);
signerBuilder.setProvider("BC");
ContentSigner contentSigner = null;
try {
contentSigner = signerBuilder.build(signerKey.getPrivateKey());
} catch (OperatorCreationException e) {
throw newOCSPError(runtime, e);
}
BasicOCSPRespBuilder respBuilder = null;
try {
if ((flag & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_RESPID_KEY))) != 0) {
JcaDigestCalculatorProviderBuilder dcpb = new JcaDigestCalculatorProviderBuilder();
dcpb.setProvider("BC");
DigestCalculatorProvider dcp = dcpb.build();
DigestCalculator calculator = dcp.get(contentSigner.getAlgorithmIdentifier());
respBuilder = new BasicOCSPRespBuilder(SubjectPublicKeyInfo.getInstance(signerKey.getPublicKey().getEncoded()), calculator);
} else {
respBuilder = new BasicOCSPRespBuilder(new RespID(signer.getSubject().getX500Name()));
}
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
X509CertificateHolder[] chain = null;
try {
if ((flag & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCERTS))) == 0) {
addlCerts.add(new X509CertificateHolder(signer.getAuxCert().getEncoded()));
if (!additionalCerts.isNil()) {
Iterator<java.security.cert.Certificate> rubyAddlCerts = ((RubyArray) additionalCerts).iterator();
while (rubyAddlCerts.hasNext()) {
java.security.cert.Certificate cert = rubyAddlCerts.next();
addlCerts.add(new X509CertificateHolder(cert.getEncoded()));
}
}
chain = addlCerts.toArray(new X509CertificateHolder[addlCerts.size()]);
}
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
Date producedAt = null;
if ((flag & RubyFixnum.fix2int((RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOTIME))) == 0) {
producedAt = new Date();
}
for (OCSPSingleResponse resp : singleResponses) {
SingleResp singleResp = new SingleResp(resp.getBCSingleResp());
respBuilder.addResponse(singleResp.getCertID(), singleResp.getCertStatus(), singleResp.getThisUpdate(), singleResp.getNextUpdate(), resp.getBCSingleResp().getSingleExtensions());
}
try {
Extension[] respExtAry = new Extension[extensions.size()];
Extensions respExtensions = new Extensions(extensions.toArray(respExtAry));
BasicOCSPResp bcBasicOCSPResp = respBuilder.setResponseExtensions(respExtensions).build(contentSigner, chain, producedAt);
asn1BCBasicOCSPResp = BasicOCSPResponse.getInstance(bcBasicOCSPResp.getEncoded());
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
return this;
}
Also used :
RubyArray(org.jruby.RubyArray)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
ArrayList(java.util.ArrayList)
DigestCalculator(org.bouncycastle.operator.DigestCalculator)
RubyString(org.jruby.RubyString)
IRubyObject(org.jruby.runtime.builtin.IRubyObject)
Extensions(org.bouncycastle.asn1.x509.Extensions)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
Ruby(org.jruby.Ruby)
SingleResp(org.bouncycastle.cert.ocsp.SingleResp)
Digest._Digest(org.jruby.ext.openssl.Digest._Digest)
MessageDigest(java.security.MessageDigest)
ContentSigner(org.bouncycastle.operator.ContentSigner)
RubyFixnum(org.jruby.RubyFixnum)
RaiseException(org.jruby.exceptions.RaiseException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
Date(java.util.Date)
Extension(org.bouncycastle.asn1.x509.Extension)
BasicOCSPRespBuilder(org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder)
DigestCalculatorProvider(org.bouncycastle.operator.DigestCalculatorProvider)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)
RespID(org.bouncycastle.cert.ocsp.RespID)
JcaDigestCalculatorProviderBuilder(org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder)
X509AuxCertificate(org.jruby.ext.openssl.x509store.X509AuxCertificate)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 9 with RubyFixnum
use of org.jruby.RubyFixnum in project jruby-openssl by jruby.
the class OCSPCertificateId method cmp.
@JRubyMethod(name = "cmp")
public IRubyObject cmp(IRubyObject other) {
Ruby runtime = getRuntime();
RubyFixnum ret = (RubyFixnum) this.cmp_issuer(other);
if (!ret.eql(RubyFixnum.zero(runtime)))
return ret;
OCSPCertificateId that = (OCSPCertificateId) other;
return RubyFixnum.newFixnum(runtime, this.getCertID().getSerialNumber().getValue().compareTo(that.getCertID().getSerialNumber().getValue()));
}
Also used :
Ruby(org.jruby.Ruby)
RubyFixnum(org.jruby.RubyFixnum)
JRubyMethod(org.jruby.anno.JRubyMethod)
Example 10 with RubyFixnum
use of org.jruby.RubyFixnum in project jruby-openssl by jruby.
the class OCSPRequest method sign.
@JRubyMethod(name = "sign", rest = true)
public IRubyObject sign(final ThreadContext context, IRubyObject[] args) {
final Ruby runtime = context.runtime;
int flag = 0;
IRubyObject additionalCerts = context.nil;
IRubyObject flags = context.nil;
IRubyObject digest = context.nil;
Digest digestInstance = new Digest(runtime, _Digest(runtime));
IRubyObject nocerts = (RubyFixnum) _OCSP(runtime).getConstant(OCSP_NOCERTS);
switch(Arity.checkArgumentCount(runtime, args, 2, 5)) {
case 3:
additionalCerts = args[2];
break;
case 4:
additionalCerts = args[2];
flags = args[3];
break;
case 5:
additionalCerts = args[2];
flags = args[3];
digest = args[4];
break;
default:
break;
}
if (digest.isNil())
digest = digestInstance.initialize(context, new IRubyObject[] { RubyString.newString(runtime, "SHA1") });
if (additionalCerts.isNil())
flag |= RubyFixnum.fix2int(nocerts);
if (!flags.isNil())
flag = RubyFixnum.fix2int(flags);
X509Cert signer = (X509Cert) args[0];
PKey signerKey = (PKey) args[1];
String keyAlg = signerKey.getAlgorithm();
String digAlg = ((Digest) digest).getShortAlgorithm();
JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(digAlg + "with" + keyAlg);
signerBuilder.setProvider("BC");
ContentSigner contentSigner = null;
try {
contentSigner = signerBuilder.build(signerKey.getPrivateKey());
} catch (OperatorCreationException e) {
throw newOCSPError(runtime, e);
}
OCSPReqBuilder builder = new OCSPReqBuilder();
builder.setRequestorName(signer.getSubject().getX500Name());
for (OCSPCertificateId certId : certificateIds) {
builder.addRequest(new CertificateID(certId.getCertID()));
}
List<X509CertificateHolder> certChain = new ArrayList<X509CertificateHolder>();
if (flag != RubyFixnum.fix2int(nocerts)) {
try {
certChain.add(new X509CertificateHolder(signer.getAuxCert().getEncoded()));
if (!additionalCerts.isNil()) {
Iterator<java.security.cert.Certificate> certIt = ((RubyArray) additionalCerts).iterator();
while (certIt.hasNext()) {
certChain.add(new X509CertificateHolder(certIt.next().getEncoded()));
}
}
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
}
X509CertificateHolder[] chain = new X509CertificateHolder[certChain.size()];
certChain.toArray(chain);
try {
asn1bcReq = org.bouncycastle.asn1.ocsp.OCSPRequest.getInstance(builder.build(contentSigner, chain).getEncoded());
} catch (Exception e) {
throw newOCSPError(runtime, e);
}
if (nonce != null) {
addNonceImpl();
}
return this;
}
Also used :
RubyArray(org.jruby.RubyArray)
Digest._Digest(org.jruby.ext.openssl.Digest._Digest)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
CertificateID(org.bouncycastle.cert.ocsp.CertificateID)
ContentSigner(org.bouncycastle.operator.ContentSigner)
ArrayList(java.util.ArrayList)
RubyString(org.jruby.RubyString)
IRubyObject(org.jruby.runtime.builtin.IRubyObject)
RubyFixnum(org.jruby.RubyFixnum)
RaiseException(org.jruby.exceptions.RaiseException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
Ruby(org.jruby.Ruby)
OCSPReqBuilder(org.bouncycastle.cert.ocsp.OCSPReqBuilder)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
X509AuxCertificate(org.jruby.ext.openssl.x509store.X509AuxCertificate)
JRubyMethod(org.jruby.anno.JRubyMethod)
Aggregations
RubyFixnum (org.jruby.RubyFixnum)15
JRubyMethod (org.jruby.anno.JRubyMethod)12
Ruby (org.jruby.Ruby)11
IOException (java.io.IOException)8
RaiseException (org.jruby.exceptions.RaiseException)7
IRubyObject (org.jruby.runtime.builtin.IRubyObject)6
RubyArray (org.jruby.RubyArray)5
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)4
RubyString (org.jruby.RubyString)4
PublicKey (java.security.PublicKey)3
X509AuxCertificate (org.jruby.ext.openssl.x509store.X509AuxCertificate)3
StringReader (java.io.StringReader)2
BigInteger (java.math.BigInteger)2
CertificateEncodingException (java.security.cert.CertificateEncodingException)2
CertificateException (java.security.cert.CertificateException)2
CertificateParsingException (java.security.cert.CertificateParsingException)2
X509Certificate (java.security.cert.X509Certificate)2
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)2
ParseException (java.text.ParseException)2
ArrayList (java.util.ArrayList)2
