Search in sources :

Example 21 with ByteList

use of org.jruby.util.ByteList in project jruby-openssl by jruby.

the class X509Extension method getValue.

private IRubyObject getValue(final Ruby runtime) throws IOException {
    if (value instanceof RubyString) {
        // explicitly set value
        return (RubyString) value;
    }
    final ThreadContext context = runtime.getCurrentContext();
    final byte[] enc = getRealValueEncoded();
    IRubyObject extValue = runtime.newString(new ByteList(enc, false));
    extValue = ASN1.decodeImpl(context, _ASN1(runtime), extValue);
    return extValue.callMethod(context, "value");
}
Also used : ByteList(org.jruby.util.ByteList) RubyString(org.jruby.RubyString) ThreadContext(org.jruby.runtime.ThreadContext) IRubyObject(org.jruby.runtime.builtin.IRubyObject)

Example 22 with ByteList

use of org.jruby.util.ByteList in project jruby-openssl by jruby.

the class X509Extension method value.

@JRubyMethod
public RubyString value(final ThreadContext context) {
    if (this.value instanceof RubyString) {
        // return the same as set
        return (RubyString) this.value;
    }
    final Ruby runtime = context.runtime;
    final String oid = getRealObjectID().getId();
    try {
        if (oid.equals("2.5.29.19")) {
            // basicConstraints
            ASN1Sequence seq2 = (ASN1Sequence) ASN1.readObject(getRealValueEncoded());
            final ByteList val = new ByteList(32);
            if (seq2.size() > 0) {
                val.append(CA_);
                ASN1Encodable obj0 = seq2.getObjectAt(0);
                final boolean bool;
                if (obj0 instanceof ASN1Boolean) {
                    bool = ((ASN1Boolean) obj0).isTrue();
                } else {
                    // NOTE: keep it due BC <= 1.50
                    bool = ((DERBoolean) obj0).isTrue();
                }
                val.append(bool ? TRUE : FALSE);
            }
            if (seq2.size() > 1) {
                val.append(", pathlen:".getBytes());
                val.append(seq2.getObjectAt(1).toString().getBytes());
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.15")) {
            // keyUsage
            final byte[] enc = getRealValueEncoded();
            byte b3 = 0;
            byte b2 = enc[2];
            if (enc.length > 3)
                b3 = enc[3];
            final ByteList val = new ByteList(64);
            byte[] sep = _;
            if ((b2 & (byte) 128) != 0) {
                val.append(sep);
                val.append(Decipher_Only);
                sep = SEP;
            }
            if ((b3 & (byte) 128) != 0) {
                val.append(sep);
                val.append(Digital_Signature);
                sep = SEP;
            }
            if ((b3 & (byte) 64) != 0) {
                val.append(sep);
                val.append(Non_Repudiation);
                sep = SEP;
            }
            if ((b3 & (byte) 32) != 0) {
                val.append(sep);
                val.append(Key_Encipherment);
                sep = SEP;
            }
            if ((b3 & (byte) 16) != 0) {
                val.append(sep);
                val.append(Data_Encipherment);
                sep = SEP;
            }
            if ((b3 & (byte) 8) != 0) {
                val.append(sep);
                val.append(Key_Agreement);
                sep = SEP;
            }
            if ((b3 & (byte) 4) != 0) {
                val.append(sep);
                val.append(Certificate_Sign);
                sep = SEP;
            }
            if ((b3 & (byte) 2) != 0) {
                val.append(sep);
                val.append(CRL_Sign);
                sep = SEP;
            }
            if ((b3 & (byte) 1) != 0) {
                // sep = SEP;
                val.append(sep);
                // sep = SEP;
                val.append(Encipher_Only);
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.16.840.1.113730.1.1")) {
            // nsCertType
            final byte b0 = getRealValueEncoded()[0];
            final ByteList val = new ByteList(64);
            byte[] sep = _;
            if ((b0 & (byte) 128) != 0) {
                val.append(sep);
                val.append(SSL_Client);
                sep = SEP;
            }
            if ((b0 & (byte) 64) != 0) {
                val.append(sep);
                val.append(SSL_Server);
                sep = SEP;
            }
            if ((b0 & (byte) 32) != 0) {
                val.append(sep);
                val.append(SMIME);
                sep = SEP;
            }
            if ((b0 & (byte) 16) != 0) {
                val.append(sep);
                val.append(Object_Signing);
                sep = SEP;
            }
            if ((b0 & (byte) 8) != 0) {
                val.append(sep);
                val.append(Unused);
                sep = SEP;
            }
            if ((b0 & (byte) 4) != 0) {
                val.append(sep);
                val.append(SSL_CA);
                sep = SEP;
            }
            if ((b0 & (byte) 2) != 0) {
                val.append(sep);
                val.append(SMIME_CA);
                sep = SEP;
            }
            if ((b0 & (byte) 1) != 0) {
                val.append(sep);
                val.append(Object_Signing_CA);
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.14")) {
            // subjectKeyIdentifier
            ASN1Encodable value = getRealValue();
            if (value instanceof ASN1OctetString) {
                byte[] octets = ((ASN1OctetString) value).getOctets();
                if (octets.length > 0 && octets[0] == BERTags.OCTET_STRING) {
                    // read nested octets
                    value = ASN1.readObject(octets);
                }
            }
            return runtime.newString(hexBytes(keyidBytes(value.toASN1Primitive()), 0));
        }
        if (oid.equals("2.5.29.35")) {
            // authorityKeyIdentifier
            ASN1Encodable value = getRealValue();
            if (value instanceof ASN1OctetString) {
                value = ASN1.readObject(((ASN1OctetString) value).getOctets());
            }
            final ByteList val = new ByteList(72);
            val.append(keyid_);
            if (value instanceof ASN1Sequence) {
                final ASN1Sequence seq = (ASN1Sequence) value;
                final int size = seq.size();
                if (size == 0)
                    return RubyString.newEmptyString(runtime);
                ASN1Primitive keyid = seq.getObjectAt(0).toASN1Primitive();
                hexBytes(keyidBytes(keyid), val).append('\n');
                for (int i = 1; i < size; i++) {
                    final ASN1Encodable issuer = seq.getObjectAt(i);
                    // NOTE: blindly got OpenSSL tests passing (likely in-complete) :
                    if (issuer instanceof ASN1TaggedObject) {
                        ASN1Primitive obj = ((ASN1TaggedObject) issuer).getObject();
                        switch(((ASN1TaggedObject) issuer).getTagNo()) {
                            case 1:
                                if (obj instanceof ASN1TaggedObject) {
                                    formatGeneralName(GeneralName.getInstance(obj), val, true);
                                }
                                break;
                            case // serial
                            2:
                                val.append(new byte[] { 's', 'e', 'r', 'i', 'a', 'l', ':' });
                                if (obj instanceof ASN1Integer) {
                                    hexBytes(((ASN1Integer) obj).getValue().toByteArray(), val);
                                } else {
                                    hexBytes(((ASN1OctetString) obj).getOctets(), val);
                                }
                                break;
                        }
                    }
                    val.append('\n');
                }
                return runtime.newString(val);
            }
            hexBytes(keyidBytes(value.toASN1Primitive()), val).append('\n');
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.21")) {
            // CRLReason
            final IRubyObject value = getValue(runtime);
            switch(RubyNumeric.fix2int(value)) {
                case 0:
                    return runtime.newString(new ByteList(Unspecified));
                case 1:
                    return RubyString.newString(runtime, "Key Compromise");
                case 2:
                    return RubyString.newString(runtime, "CA Compromise");
                case 3:
                    return RubyString.newString(runtime, "Affiliation Changed");
                case 4:
                    return RubyString.newString(runtime, "Superseded");
                case 5:
                    return RubyString.newString(runtime, "Cessation Of Operation");
                case 6:
                    return RubyString.newString(runtime, "Certificate Hold");
                case 8:
                    return RubyString.newString(runtime, "Remove From CRL");
                case 9:
                    return RubyString.newString(runtime, "Privilege Withdrawn");
                default:
                    return runtime.newString(new ByteList(Unspecified));
            }
        }
        if (oid.equals("2.5.29.17") || oid.equals("2.5.29.18")) {
            // subjectAltName || issuerAltName
            try {
                ASN1Encodable value = getRealValue();
                final ByteList val = new ByteList(64);
                if (value instanceof ASN1TaggedObject) {
                    formatGeneralName(GeneralName.getInstance(value), val, false);
                    return runtime.newString(val);
                }
                if (value instanceof GeneralName) {
                    formatGeneralName((GeneralName) value, val, false);
                    return runtime.newString(val);
                }
                if (value instanceof ASN1OctetString) {
                    // decoded octets will end up as an ASN1Sequence instance :
                    value = ASN1.readObject(((ASN1OctetString) value).getOctets());
                }
                if (value instanceof ASN1TaggedObject) {
                    // DERTaggedObject (issuerAltName wrapping)
                    formatGeneralName(GeneralName.getInstance(value), val, false);
                    return runtime.newString(val);
                }
                final GeneralName[] names = GeneralNames.getInstance(value).getNames();
                for (int i = 0; i < names.length; i++) {
                    boolean other = formatGeneralName(names[i], val, false);
                    if (i < names.length - 1) {
                        if (other)
                            val.append(';');
                        else
                            val.append(',').append(' ');
                    }
                }
                return runtime.newString(val);
            } catch (IllegalArgumentException e) {
                debugStackTrace(runtime, e);
                return rawValueAsString(context);
            }
        }
        if (oid.equals("2.5.29.37")) {
            // extendedKeyUsage
            final ByteList val = new ByteList(64);
            if (this.value instanceof ASN1Sequence) {
                // opt "short" path
                final ASN1Sequence seq = (ASN1Sequence) this.value;
                final int size = seq.size();
                for (int i = 0; i < size; i++) {
                    ASN1Encodable o = seq.getObjectAt(i);
                    String name = o.toString();
                    Integer nid = ASN1.oid2nid(runtime, new ASN1ObjectIdentifier(name));
                    if (nid != null)
                        name = ASN1.nid2ln(runtime, nid);
                    if (name == null)
                        name = o.toString();
                    val.append(ByteList.plain(name));
                    if (i < size - 1)
                        val.append(',').append(' ');
                }
                return runtime.newString(val);
            }
            final IRubyObject value = getValue(runtime);
            if (value instanceof RubyArray) {
                final RubyArray arr = (RubyArray) value;
                final int size = arr.size();
                for (int i = 0; i < size; i++) {
                    IRubyObject entry = arr.eltInternal(i);
                    if ("ObjectId".equals(entry.getMetaClass().getBaseName())) {
                        entry = entry.callMethod(context, "ln");
                    } else if (entry.respondsTo("value")) {
                        entry = entry.callMethod(context, "value");
                    }
                    val.append(entry.asString().getByteList());
                    if (i < size - 1)
                        val.append(',').append(' ');
                }
            }
            return runtime.newString(val);
        }
        return rawValueAsString(context);
    } catch (IOException e) {
        debugStackTrace(runtime, e);
        throw newExtensionError(runtime, e);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ByteList(org.jruby.util.ByteList) RubyArray(org.jruby.RubyArray) RubyString(org.jruby.RubyString) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RubyString(org.jruby.RubyString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) IRubyObject(org.jruby.runtime.builtin.IRubyObject) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Boolean(org.bouncycastle.asn1.ASN1Boolean) GeneralName(org.bouncycastle.asn1.x509.GeneralName) Ruby(org.jruby.Ruby) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) JRubyMethod(org.jruby.anno.JRubyMethod)

Example 23 with ByteList

use of org.jruby.util.ByteList in project jruby-openssl by jruby.

the class OpenSSL method createOpenSSL.

public static void createOpenSSL(final Ruby runtime) {
    SecurityHelper.setRegisterProvider(SafePropertyAccessor.getBoolean("jruby.openssl.provider.register"));
    final RubyModule _OpenSSL = runtime.getOrCreateModule("OpenSSL");
    RubyClass _StandardError = runtime.getClass("StandardError");
    _OpenSSL.defineClassUnder("OpenSSLError", _StandardError, _StandardError.getAllocator());
    _OpenSSL.defineAnnotatedMethods(OpenSSL.class);
    // set OpenSSL debug internal flag early on so it can print traces even while loading extension
    setDebug(_OpenSSL, runtime.newBoolean(SafePropertyAccessor.getBoolean("jruby.openssl.debug")));
    final String warn = SafePropertyAccessor.getProperty("jruby.openssl.warn");
    if (warn != null)
        OpenSSL.warn = Boolean.parseBoolean(warn);
    Config.createConfig(runtime, _OpenSSL);
    ExtConfig.create(runtime, _OpenSSL);
    PKey.createPKey(runtime, _OpenSSL);
    BN.createBN(runtime, _OpenSSL);
    Digest.createDigest(runtime, _OpenSSL);
    Cipher.createCipher(runtime, _OpenSSL);
    Random.createRandom(runtime, _OpenSSL);
    HMAC.createHMAC(runtime, _OpenSSL);
    ASN1.createASN1(runtime, _OpenSSL);
    X509.createX509(runtime, _OpenSSL);
    NetscapeSPKI.createNetscapeSPKI(runtime, _OpenSSL);
    SSL.createSSL(runtime, _OpenSSL);
    PKCS7.createPKCS7(runtime, _OpenSSL);
    PKCS5.createPKCS5(runtime, _OpenSSL);
    OCSP.createOCSP(runtime, _OpenSSL);
    runtime.getLoadService().require("jopenssl/version");
    // MRI 1.8.7 :
    // OpenSSL::VERSION: "1.0.0"
    // OpenSSL::OPENSSL_VERSION: "OpenSSL 1.0.1c 10 May 2012"
    // OpenSSL::OPENSSL_VERSION_NUMBER: 268439615
    // MRI 1.9.3 / 2.2.3 :
    // OpenSSL::VERSION: "1.1.0"
    // OpenSSL::OPENSSL_VERSION: "OpenSSL 1.0.1f 6 Jan 2014"
    // OpenSSL::OPENSSL_VERSION_NUMBER: 268439663
    // OpenSSL::OPENSSL_LIBRARY_VERSION: ""OpenSSL 1.0.2d 9 Jul 2015"
    // OpenSSL::FIPS: false
    final byte[] version = { '1', '.', '1', '.', '0' };
    _OpenSSL.setConstant("VERSION", StringHelper.newString(runtime, version));
    final RubyModule _Jopenssl = runtime.getModule("Jopenssl");
    final RubyString jVERSION = _Jopenssl.getConstantAt("VERSION").asString();
    final byte[] JRuby_OpenSSL_ = { 'J', 'R', 'u', 'b', 'y', '-', 'O', 'p', 'e', 'n', 'S', 'S', 'L', ' ' };
    // NOTE: smt more useful?
    final int OPENSSL_VERSION_NUMBER = 999999999;
    ByteList OPENSSL_VERSION = new ByteList(jVERSION.getByteList().getRealSize() + JRuby_OpenSSL_.length);
    OPENSSL_VERSION.setEncoding(jVERSION.getEncoding());
    OPENSSL_VERSION.append(JRuby_OpenSSL_);
    OPENSSL_VERSION.append(jVERSION.getByteList());
    final RubyString VERSION;
    _OpenSSL.setConstant("OPENSSL_VERSION", VERSION = runtime.newString(OPENSSL_VERSION));
    _OpenSSL.setConstant("OPENSSL_VERSION_NUMBER", runtime.newFixnum(OPENSSL_VERSION_NUMBER));
    // MRI 2.3 tests do: /\AOpenSSL +0\./ !~ OpenSSL::OPENSSL_LIBRARY_VERSION
    _OpenSSL.setConstant("OPENSSL_LIBRARY_VERSION", VERSION);
    _OpenSSL.setConstant("OPENSSL_FIPS", runtime.getFalse());
}
Also used : ByteList(org.jruby.util.ByteList) JRubyModule(org.jruby.anno.JRubyModule)

Example 24 with ByteList

use of org.jruby.util.ByteList in project jruby-openssl by jruby.

the class EncContent method fromASN1.

/**
 * EncryptedContentInfo ::= SEQUENCE {
 *   contentType ContentType,
 *   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
 *   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
 *
 * EncryptedContent ::= OCTET STRING
 */
public static EncContent fromASN1(final ASN1Encodable content) {
    final ASN1Sequence sequence = (ASN1Sequence) content;
    ASN1ObjectIdentifier contentType = (ASN1ObjectIdentifier) (sequence.getObjectAt(0));
    final EncContent ec = new EncContent();
    ec.setContentType(ASN1Registry.oid2nid(contentType));
    ec.setAlgorithm(AlgorithmIdentifier.getInstance(sequence.getObjectAt(1)));
    if (sequence.size() > 2 && sequence.getObjectAt(2) instanceof ASN1TaggedObject && ((ASN1TaggedObject) (sequence.getObjectAt(2))).getTagNo() == 0) {
        ASN1Encodable ee = ((ASN1TaggedObject) (sequence.getObjectAt(2))).getObject();
        if (ee instanceof ASN1Sequence && ((ASN1Sequence) ee).size() > 0) {
            ByteList combinedOctets = new ByteList();
            Enumeration enm = ((ASN1Sequence) ee).getObjects();
            while (enm.hasMoreElements()) {
                byte[] octets = ((ASN1OctetString) enm.nextElement()).getOctets();
                combinedOctets.append(octets);
            }
            ec.setEncData(new DEROctetString(combinedOctets.bytes()));
        } else {
            ec.setEncData((ASN1OctetString) ee);
        }
    }
    return ec;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ByteList(org.jruby.util.ByteList) Enumeration(java.util.Enumeration) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString)

Example 25 with ByteList

use of org.jruby.util.ByteList in project nokogiri by sparklemotion.

the class XmlDocument method canonicalize.

/* call-seq:
   *  doc.canonicalize(mode=XML_C14N_1_0,inclusive_namespaces=nil,with_comments=false)
   *  doc.canonicalize { |obj, parent| ... }
   *
   * Canonicalize a document and return the results.  Takes an optional block
   * that takes two parameters: the +obj+ and that node's +parent+.
   * The  +obj+ will be either a Nokogiri::XML::Node, or a Nokogiri::XML::Namespace
   * The block must return a non-nil, non-false value if the +obj+ passed in
   * should be included in the canonicalized document.
   */
@JRubyMethod(optional = 3)
public IRubyObject canonicalize(ThreadContext context, IRubyObject[] args, Block block) {
    int mode = 0;
    String inclusive_namespace = null;
    Boolean with_comments = false;
    if (args.length > 0 && !(args[0].isNil())) {
        mode = RubyFixnum.fix2int(args[0]);
    }
    if (args.length > 1) {
        if (!args[1].isNil() && !(args[1] instanceof List)) {
            throw context.runtime.newTypeError("Expected array");
        }
        if (!args[1].isNil()) {
            inclusive_namespace = ((RubyArray) args[1]).join(context, context.runtime.newString(" ")).asString().asJavaString();
        }
    }
    if (args.length > 2) {
        with_comments = args[2].isTrue();
    }
    String algorithmURI = null;
    switch(mode) {
        case // XML_C14N_1_0
        0:
            if (with_comments) {
                algorithmURI = Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS;
            } else {
                algorithmURI = Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS;
            }
            break;
        case // XML_C14N_EXCLUSIVE_1_0
        1:
            if (with_comments) {
                algorithmURI = Canonicalizer.ALGO_ID_C14N_EXCL_WITH_COMMENTS;
            } else {
                algorithmURI = Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS;
            }
            break;
        case // XML_C14N_1_1 = 2
        2:
            if (with_comments) {
                algorithmURI = Canonicalizer.ALGO_ID_C14N11_WITH_COMMENTS;
            } else {
                algorithmURI = Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS;
            }
    }
    try {
        Canonicalizer canonicalizer = Canonicalizer.getInstance(algorithmURI);
        XmlNode startingNode = getStartingNode(block);
        byte[] result;
        CanonicalFilter filter = new CanonicalFilter(context, block);
        if (inclusive_namespace == null) {
            result = canonicalizer.canonicalizeSubtree(startingNode.getNode(), filter);
        } else {
            result = canonicalizer.canonicalizeSubtree(startingNode.getNode(), inclusive_namespace, filter);
        }
        return RubyString.newString(context.runtime, new ByteList(result, UTF8Encoding.INSTANCE));
    } catch (CanonicalizationException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    return context.nil;
}
Also used : ByteList(org.jruby.util.ByteList) CanonicalizationException(nokogiri.internals.c14n.CanonicalizationException) CanonicalFilter(nokogiri.internals.c14n.CanonicalFilter) NodeList(org.w3c.dom.NodeList) ByteList(org.jruby.util.ByteList) List(java.util.List) NokogiriHelpers.rubyStringToString(nokogiri.internals.NokogiriHelpers.rubyStringToString) RubyString(org.jruby.RubyString) Canonicalizer(nokogiri.internals.c14n.Canonicalizer) JRubyMethod(org.jruby.anno.JRubyMethod)

Aggregations

ByteList (org.jruby.util.ByteList)43 Ruby (org.jruby.Ruby)21 JRubyMethod (org.jruby.anno.JRubyMethod)19 RubyString (org.jruby.RubyString)18 IRubyObject (org.jruby.runtime.builtin.IRubyObject)10 GeneralSecurityException (java.security.GeneralSecurityException)8 IOException (java.io.IOException)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)6 ByteBuffer (java.nio.ByteBuffer)5 NokogiriHelpers.rubyStringToString (nokogiri.internals.NokogiriHelpers.rubyStringToString)4 ByteArrayInputStream (java.io.ByteArrayInputStream)3 BigInteger (java.math.BigInteger)3 InvalidKeyException (java.security.InvalidKeyException)3 NoSuchPaddingException (javax.crypto.NoSuchPaddingException)3 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)3 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)3 ASN1TaggedObject (org.bouncycastle.asn1.ASN1TaggedObject)3 InputSource (org.xml.sax.InputSource)3 StringReader (java.io.StringReader)2