use of org.jruby.util.ByteList in project jruby-openssl by jruby.
the class X509Extension method getValue.
private IRubyObject getValue(final Ruby runtime) throws IOException {
if (value instanceof RubyString) {
// explicitly set value
return (RubyString) value;
}
final ThreadContext context = runtime.getCurrentContext();
final byte[] enc = getRealValueEncoded();
IRubyObject extValue = runtime.newString(new ByteList(enc, false));
extValue = ASN1.decodeImpl(context, _ASN1(runtime), extValue);
return extValue.callMethod(context, "value");
}
use of org.jruby.util.ByteList in project jruby-openssl by jruby.
the class X509Extension method value.
@JRubyMethod
public RubyString value(final ThreadContext context) {
if (this.value instanceof RubyString) {
// return the same as set
return (RubyString) this.value;
}
final Ruby runtime = context.runtime;
final String oid = getRealObjectID().getId();
try {
if (oid.equals("2.5.29.19")) {
// basicConstraints
ASN1Sequence seq2 = (ASN1Sequence) ASN1.readObject(getRealValueEncoded());
final ByteList val = new ByteList(32);
if (seq2.size() > 0) {
val.append(CA_);
ASN1Encodable obj0 = seq2.getObjectAt(0);
final boolean bool;
if (obj0 instanceof ASN1Boolean) {
bool = ((ASN1Boolean) obj0).isTrue();
} else {
// NOTE: keep it due BC <= 1.50
bool = ((DERBoolean) obj0).isTrue();
}
val.append(bool ? TRUE : FALSE);
}
if (seq2.size() > 1) {
val.append(", pathlen:".getBytes());
val.append(seq2.getObjectAt(1).toString().getBytes());
}
return runtime.newString(val);
}
if (oid.equals("2.5.29.15")) {
// keyUsage
final byte[] enc = getRealValueEncoded();
byte b3 = 0;
byte b2 = enc[2];
if (enc.length > 3)
b3 = enc[3];
final ByteList val = new ByteList(64);
byte[] sep = _;
if ((b2 & (byte) 128) != 0) {
val.append(sep);
val.append(Decipher_Only);
sep = SEP;
}
if ((b3 & (byte) 128) != 0) {
val.append(sep);
val.append(Digital_Signature);
sep = SEP;
}
if ((b3 & (byte) 64) != 0) {
val.append(sep);
val.append(Non_Repudiation);
sep = SEP;
}
if ((b3 & (byte) 32) != 0) {
val.append(sep);
val.append(Key_Encipherment);
sep = SEP;
}
if ((b3 & (byte) 16) != 0) {
val.append(sep);
val.append(Data_Encipherment);
sep = SEP;
}
if ((b3 & (byte) 8) != 0) {
val.append(sep);
val.append(Key_Agreement);
sep = SEP;
}
if ((b3 & (byte) 4) != 0) {
val.append(sep);
val.append(Certificate_Sign);
sep = SEP;
}
if ((b3 & (byte) 2) != 0) {
val.append(sep);
val.append(CRL_Sign);
sep = SEP;
}
if ((b3 & (byte) 1) != 0) {
// sep = SEP;
val.append(sep);
// sep = SEP;
val.append(Encipher_Only);
}
return runtime.newString(val);
}
if (oid.equals("2.16.840.1.113730.1.1")) {
// nsCertType
final byte b0 = getRealValueEncoded()[0];
final ByteList val = new ByteList(64);
byte[] sep = _;
if ((b0 & (byte) 128) != 0) {
val.append(sep);
val.append(SSL_Client);
sep = SEP;
}
if ((b0 & (byte) 64) != 0) {
val.append(sep);
val.append(SSL_Server);
sep = SEP;
}
if ((b0 & (byte) 32) != 0) {
val.append(sep);
val.append(SMIME);
sep = SEP;
}
if ((b0 & (byte) 16) != 0) {
val.append(sep);
val.append(Object_Signing);
sep = SEP;
}
if ((b0 & (byte) 8) != 0) {
val.append(sep);
val.append(Unused);
sep = SEP;
}
if ((b0 & (byte) 4) != 0) {
val.append(sep);
val.append(SSL_CA);
sep = SEP;
}
if ((b0 & (byte) 2) != 0) {
val.append(sep);
val.append(SMIME_CA);
sep = SEP;
}
if ((b0 & (byte) 1) != 0) {
val.append(sep);
val.append(Object_Signing_CA);
}
return runtime.newString(val);
}
if (oid.equals("2.5.29.14")) {
// subjectKeyIdentifier
ASN1Encodable value = getRealValue();
if (value instanceof ASN1OctetString) {
byte[] octets = ((ASN1OctetString) value).getOctets();
if (octets.length > 0 && octets[0] == BERTags.OCTET_STRING) {
// read nested octets
value = ASN1.readObject(octets);
}
}
return runtime.newString(hexBytes(keyidBytes(value.toASN1Primitive()), 0));
}
if (oid.equals("2.5.29.35")) {
// authorityKeyIdentifier
ASN1Encodable value = getRealValue();
if (value instanceof ASN1OctetString) {
value = ASN1.readObject(((ASN1OctetString) value).getOctets());
}
final ByteList val = new ByteList(72);
val.append(keyid_);
if (value instanceof ASN1Sequence) {
final ASN1Sequence seq = (ASN1Sequence) value;
final int size = seq.size();
if (size == 0)
return RubyString.newEmptyString(runtime);
ASN1Primitive keyid = seq.getObjectAt(0).toASN1Primitive();
hexBytes(keyidBytes(keyid), val).append('\n');
for (int i = 1; i < size; i++) {
final ASN1Encodable issuer = seq.getObjectAt(i);
// NOTE: blindly got OpenSSL tests passing (likely in-complete) :
if (issuer instanceof ASN1TaggedObject) {
ASN1Primitive obj = ((ASN1TaggedObject) issuer).getObject();
switch(((ASN1TaggedObject) issuer).getTagNo()) {
case 1:
if (obj instanceof ASN1TaggedObject) {
formatGeneralName(GeneralName.getInstance(obj), val, true);
}
break;
case // serial
2:
val.append(new byte[] { 's', 'e', 'r', 'i', 'a', 'l', ':' });
if (obj instanceof ASN1Integer) {
hexBytes(((ASN1Integer) obj).getValue().toByteArray(), val);
} else {
hexBytes(((ASN1OctetString) obj).getOctets(), val);
}
break;
}
}
val.append('\n');
}
return runtime.newString(val);
}
hexBytes(keyidBytes(value.toASN1Primitive()), val).append('\n');
return runtime.newString(val);
}
if (oid.equals("2.5.29.21")) {
// CRLReason
final IRubyObject value = getValue(runtime);
switch(RubyNumeric.fix2int(value)) {
case 0:
return runtime.newString(new ByteList(Unspecified));
case 1:
return RubyString.newString(runtime, "Key Compromise");
case 2:
return RubyString.newString(runtime, "CA Compromise");
case 3:
return RubyString.newString(runtime, "Affiliation Changed");
case 4:
return RubyString.newString(runtime, "Superseded");
case 5:
return RubyString.newString(runtime, "Cessation Of Operation");
case 6:
return RubyString.newString(runtime, "Certificate Hold");
case 8:
return RubyString.newString(runtime, "Remove From CRL");
case 9:
return RubyString.newString(runtime, "Privilege Withdrawn");
default:
return runtime.newString(new ByteList(Unspecified));
}
}
if (oid.equals("2.5.29.17") || oid.equals("2.5.29.18")) {
// subjectAltName || issuerAltName
try {
ASN1Encodable value = getRealValue();
final ByteList val = new ByteList(64);
if (value instanceof ASN1TaggedObject) {
formatGeneralName(GeneralName.getInstance(value), val, false);
return runtime.newString(val);
}
if (value instanceof GeneralName) {
formatGeneralName((GeneralName) value, val, false);
return runtime.newString(val);
}
if (value instanceof ASN1OctetString) {
// decoded octets will end up as an ASN1Sequence instance :
value = ASN1.readObject(((ASN1OctetString) value).getOctets());
}
if (value instanceof ASN1TaggedObject) {
// DERTaggedObject (issuerAltName wrapping)
formatGeneralName(GeneralName.getInstance(value), val, false);
return runtime.newString(val);
}
final GeneralName[] names = GeneralNames.getInstance(value).getNames();
for (int i = 0; i < names.length; i++) {
boolean other = formatGeneralName(names[i], val, false);
if (i < names.length - 1) {
if (other)
val.append(';');
else
val.append(',').append(' ');
}
}
return runtime.newString(val);
} catch (IllegalArgumentException e) {
debugStackTrace(runtime, e);
return rawValueAsString(context);
}
}
if (oid.equals("2.5.29.37")) {
// extendedKeyUsage
final ByteList val = new ByteList(64);
if (this.value instanceof ASN1Sequence) {
// opt "short" path
final ASN1Sequence seq = (ASN1Sequence) this.value;
final int size = seq.size();
for (int i = 0; i < size; i++) {
ASN1Encodable o = seq.getObjectAt(i);
String name = o.toString();
Integer nid = ASN1.oid2nid(runtime, new ASN1ObjectIdentifier(name));
if (nid != null)
name = ASN1.nid2ln(runtime, nid);
if (name == null)
name = o.toString();
val.append(ByteList.plain(name));
if (i < size - 1)
val.append(',').append(' ');
}
return runtime.newString(val);
}
final IRubyObject value = getValue(runtime);
if (value instanceof RubyArray) {
final RubyArray arr = (RubyArray) value;
final int size = arr.size();
for (int i = 0; i < size; i++) {
IRubyObject entry = arr.eltInternal(i);
if ("ObjectId".equals(entry.getMetaClass().getBaseName())) {
entry = entry.callMethod(context, "ln");
} else if (entry.respondsTo("value")) {
entry = entry.callMethod(context, "value");
}
val.append(entry.asString().getByteList());
if (i < size - 1)
val.append(',').append(' ');
}
}
return runtime.newString(val);
}
return rawValueAsString(context);
} catch (IOException e) {
debugStackTrace(runtime, e);
throw newExtensionError(runtime, e);
}
}
use of org.jruby.util.ByteList in project jruby-openssl by jruby.
the class OpenSSL method createOpenSSL.
public static void createOpenSSL(final Ruby runtime) {
SecurityHelper.setRegisterProvider(SafePropertyAccessor.getBoolean("jruby.openssl.provider.register"));
final RubyModule _OpenSSL = runtime.getOrCreateModule("OpenSSL");
RubyClass _StandardError = runtime.getClass("StandardError");
_OpenSSL.defineClassUnder("OpenSSLError", _StandardError, _StandardError.getAllocator());
_OpenSSL.defineAnnotatedMethods(OpenSSL.class);
// set OpenSSL debug internal flag early on so it can print traces even while loading extension
setDebug(_OpenSSL, runtime.newBoolean(SafePropertyAccessor.getBoolean("jruby.openssl.debug")));
final String warn = SafePropertyAccessor.getProperty("jruby.openssl.warn");
if (warn != null)
OpenSSL.warn = Boolean.parseBoolean(warn);
Config.createConfig(runtime, _OpenSSL);
ExtConfig.create(runtime, _OpenSSL);
PKey.createPKey(runtime, _OpenSSL);
BN.createBN(runtime, _OpenSSL);
Digest.createDigest(runtime, _OpenSSL);
Cipher.createCipher(runtime, _OpenSSL);
Random.createRandom(runtime, _OpenSSL);
HMAC.createHMAC(runtime, _OpenSSL);
ASN1.createASN1(runtime, _OpenSSL);
X509.createX509(runtime, _OpenSSL);
NetscapeSPKI.createNetscapeSPKI(runtime, _OpenSSL);
SSL.createSSL(runtime, _OpenSSL);
PKCS7.createPKCS7(runtime, _OpenSSL);
PKCS5.createPKCS5(runtime, _OpenSSL);
OCSP.createOCSP(runtime, _OpenSSL);
runtime.getLoadService().require("jopenssl/version");
// MRI 1.8.7 :
// OpenSSL::VERSION: "1.0.0"
// OpenSSL::OPENSSL_VERSION: "OpenSSL 1.0.1c 10 May 2012"
// OpenSSL::OPENSSL_VERSION_NUMBER: 268439615
// MRI 1.9.3 / 2.2.3 :
// OpenSSL::VERSION: "1.1.0"
// OpenSSL::OPENSSL_VERSION: "OpenSSL 1.0.1f 6 Jan 2014"
// OpenSSL::OPENSSL_VERSION_NUMBER: 268439663
// OpenSSL::OPENSSL_LIBRARY_VERSION: ""OpenSSL 1.0.2d 9 Jul 2015"
// OpenSSL::FIPS: false
final byte[] version = { '1', '.', '1', '.', '0' };
_OpenSSL.setConstant("VERSION", StringHelper.newString(runtime, version));
final RubyModule _Jopenssl = runtime.getModule("Jopenssl");
final RubyString jVERSION = _Jopenssl.getConstantAt("VERSION").asString();
final byte[] JRuby_OpenSSL_ = { 'J', 'R', 'u', 'b', 'y', '-', 'O', 'p', 'e', 'n', 'S', 'S', 'L', ' ' };
// NOTE: smt more useful?
final int OPENSSL_VERSION_NUMBER = 999999999;
ByteList OPENSSL_VERSION = new ByteList(jVERSION.getByteList().getRealSize() + JRuby_OpenSSL_.length);
OPENSSL_VERSION.setEncoding(jVERSION.getEncoding());
OPENSSL_VERSION.append(JRuby_OpenSSL_);
OPENSSL_VERSION.append(jVERSION.getByteList());
final RubyString VERSION;
_OpenSSL.setConstant("OPENSSL_VERSION", VERSION = runtime.newString(OPENSSL_VERSION));
_OpenSSL.setConstant("OPENSSL_VERSION_NUMBER", runtime.newFixnum(OPENSSL_VERSION_NUMBER));
// MRI 2.3 tests do: /\AOpenSSL +0\./ !~ OpenSSL::OPENSSL_LIBRARY_VERSION
_OpenSSL.setConstant("OPENSSL_LIBRARY_VERSION", VERSION);
_OpenSSL.setConstant("OPENSSL_FIPS", runtime.getFalse());
}
use of org.jruby.util.ByteList in project jruby-openssl by jruby.
the class EncContent method fromASN1.
/**
* EncryptedContentInfo ::= SEQUENCE {
* contentType ContentType,
* contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
* encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
*
* EncryptedContent ::= OCTET STRING
*/
public static EncContent fromASN1(final ASN1Encodable content) {
final ASN1Sequence sequence = (ASN1Sequence) content;
ASN1ObjectIdentifier contentType = (ASN1ObjectIdentifier) (sequence.getObjectAt(0));
final EncContent ec = new EncContent();
ec.setContentType(ASN1Registry.oid2nid(contentType));
ec.setAlgorithm(AlgorithmIdentifier.getInstance(sequence.getObjectAt(1)));
if (sequence.size() > 2 && sequence.getObjectAt(2) instanceof ASN1TaggedObject && ((ASN1TaggedObject) (sequence.getObjectAt(2))).getTagNo() == 0) {
ASN1Encodable ee = ((ASN1TaggedObject) (sequence.getObjectAt(2))).getObject();
if (ee instanceof ASN1Sequence && ((ASN1Sequence) ee).size() > 0) {
ByteList combinedOctets = new ByteList();
Enumeration enm = ((ASN1Sequence) ee).getObjects();
while (enm.hasMoreElements()) {
byte[] octets = ((ASN1OctetString) enm.nextElement()).getOctets();
combinedOctets.append(octets);
}
ec.setEncData(new DEROctetString(combinedOctets.bytes()));
} else {
ec.setEncData((ASN1OctetString) ee);
}
}
return ec;
}
use of org.jruby.util.ByteList in project nokogiri by sparklemotion.
the class XmlDocument method canonicalize.
/* call-seq:
* doc.canonicalize(mode=XML_C14N_1_0,inclusive_namespaces=nil,with_comments=false)
* doc.canonicalize { |obj, parent| ... }
*
* Canonicalize a document and return the results. Takes an optional block
* that takes two parameters: the +obj+ and that node's +parent+.
* The +obj+ will be either a Nokogiri::XML::Node, or a Nokogiri::XML::Namespace
* The block must return a non-nil, non-false value if the +obj+ passed in
* should be included in the canonicalized document.
*/
@JRubyMethod(optional = 3)
public IRubyObject canonicalize(ThreadContext context, IRubyObject[] args, Block block) {
int mode = 0;
String inclusive_namespace = null;
Boolean with_comments = false;
if (args.length > 0 && !(args[0].isNil())) {
mode = RubyFixnum.fix2int(args[0]);
}
if (args.length > 1) {
if (!args[1].isNil() && !(args[1] instanceof List)) {
throw context.runtime.newTypeError("Expected array");
}
if (!args[1].isNil()) {
inclusive_namespace = ((RubyArray) args[1]).join(context, context.runtime.newString(" ")).asString().asJavaString();
}
}
if (args.length > 2) {
with_comments = args[2].isTrue();
}
String algorithmURI = null;
switch(mode) {
case // XML_C14N_1_0
0:
if (with_comments) {
algorithmURI = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
} else {
algorithmURI = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
}
break;
case // XML_C14N_EXCLUSIVE_1_0
1:
if (with_comments) {
algorithmURI = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
} else {
algorithmURI = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
}
break;
case // XML_C14N_1_1 = 2
2:
if (with_comments) {
algorithmURI = Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
} else {
algorithmURI = Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
}
}
try {
Canonicalizer canonicalizer = Canonicalizer.getInstance(algorithmURI);
XmlNode startingNode = getStartingNode(block);
byte[] result;
CanonicalFilter filter = new CanonicalFilter(context, block);
if (inclusive_namespace == null) {
result = canonicalizer.canonicalizeSubtree(startingNode.getNode(), filter);
} else {
result = canonicalizer.canonicalizeSubtree(startingNode.getNode(), inclusive_namespace, filter);
}
return RubyString.newString(context.runtime, new ByteList(result, UTF8Encoding.INSTANCE));
} catch (CanonicalizationException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return context.nil;
}
Aggregations