jruby-openssl 0.8.6 → 0.8.7.dev

@@ -1,5 +1,5 @@
1
1
  module Jopenssl
2
2
  module Version
3
- VERSION = "0.8.6"
3
+ VERSION = "0.8.7.dev"
4
4
  end
5
5
  end
@@ -2,43 +2,133 @@ require 'java'
2
2
 
3
3
  module OpenSSL
4
4
  class PKCS12
5
+ class PKCS12Error < OpenSSLError
6
+ end
7
+
5
8
  java_import java.io.StringReader
6
9
  java_import java.io.StringBufferInputStream
7
10
  java_import java.security.cert.CertificateFactory
11
+ java_import java.security.cert.Certificate
8
12
  java_import java.security.KeyStore
9
13
  java_import java.io.ByteArrayOutputStream
10
14
  java_import org.bouncycastle.openssl.PEMReader
11
15
 
12
16
  java.security.Security.add_provider(org.bouncycastle.jce.provider.BouncyCastleProvider.new)
13
17
 
14
- def self.create(pass, name, key, cert)
15
- pkcs12 = self.new(pass, name, key, cert)
16
- pkcs12.generate
18
+ def self.create(pass, name, key, cert, ca = nil)
19
+ pkcs12 = self.new
20
+ pkcs12.generate(pass, name, key, cert, ca)
17
21
  pkcs12
18
22
  end
19
23
 
20
- attr_reader :key, :certificate
24
+ attr_reader :key, :certificate, :ca_certs
25
+
26
+ def initialize(str = nil, pass = nil)
27
+ if str
28
+ if str.is_a?(File)
29
+ file = File.open(str.path, "rb")
30
+ @der = file.read
31
+ file.close
32
+ else
33
+ @der = str
34
+ end
35
+
36
+ p12_input_stream = StringBufferInputStream.new(@der)
37
+
38
+ store = KeyStore.get_instance("PKCS12")
39
+ password = pass.nil? ? "" : pass
40
+ begin
41
+ store.load(p12_input_stream, password.to_java.to_char_array)
42
+ rescue java.lang.Exception => e
43
+ raise PKCS12Error, "Exception: #{e}"
44
+ end
45
+
46
+ aliases = store.aliases
47
+ aliases.each { |alias_name|
48
+ if store.is_key_entry(alias_name)
49
+ begin
50
+ java_certificate = store.get_certificate(alias_name)
51
+ rescue java.lang.Exception => e
52
+ raise PKCS12Error, "Exception: #{e}"
53
+ end
54
+ if java_certificate
55
+ der = String.from_java_bytes(java_certificate.get_encoded)
56
+ @certificate = OpenSSL::X509::Certificate.new(der)
57
+ end
21
58
 
22
- def initialize(pass, name, key, cert)
23
- @pass = pass
24
- @name = name
59
+ begin
60
+ java_key = store.get_key(alias_name, password.to_java.to_char_array)
61
+ rescue java.lang.Exception => e
62
+ raise PKCS12Error, "Exception: #{e}"
63
+ end
64
+ if java_key
65
+ der = String.from_java_bytes(java_key.get_encoded)
66
+ algorithm = java_key.get_algorithm
67
+ if algorithm == "RSA"
68
+ @key = OpenSSL::PKey::RSA.new(der)
69
+ elsif algorithm == "DSA"
70
+ @key = OpenSSL::PKey::DSA.new(der)
71
+ elsif algorithm == "DH"
72
+ @key = OpenSSL::PKey::DH.new(der)
73
+ elsif algorithm == "EC"
74
+ @key = OpenSSL::PKey::EC.new(der)
75
+ else
76
+ raise PKCS12Error, "Unknown key algorithm"
77
+ end
78
+ end
79
+
80
+ @ca_certs = Array.new
81
+ begin
82
+ java_ca_certs = store.get_certificate_chain(alias_name)
83
+ rescue java.lang.Exception => e
84
+ raise PKCS12Error, "Exception #{e}"
85
+ end
86
+ if java_ca_certs
87
+ java_ca_certs.each do |java_ca_cert|
88
+ der = String.from_java_bytes(java_ca_cert.get_encoded)
89
+ ruby_cert = OpenSSL::X509::Certificate.new(der)
90
+ if (ruby_cert.to_pem != @certificate.to_pem)
91
+ @ca_certs << ruby_cert
92
+ end
93
+ end
94
+ end
95
+ end
96
+ break
97
+ }
98
+ else
99
+ @der = nil
100
+ end
101
+ end
102
+
103
+ def generate(pass, alias_name, key, cert, ca = nil)
25
104
  @key = key
26
105
  @certificate = cert
27
- end
106
+ @ca_certs = ca
28
107
 
29
- def generate
30
108
  key_reader = StringReader.new(key.to_pem)
31
109
  key_pair = PEMReader.new(key_reader).read_object
32
110
 
33
- cert_input_stream = StringBufferInputStream.new(certificate.to_pem)
111
+ certificates = cert.to_pem
112
+ if ca
113
+ ca.each { |ca_cert|
114
+ certificates << ca_cert.to_pem
115
+ }
116
+ end
117
+
118
+ cert_input_stream = StringBufferInputStream.new(certificates)
34
119
  certs = CertificateFactory.get_instance("X.509").generate_certificates(cert_input_stream)
35
120
 
36
121
  store = KeyStore.get_instance("PKCS12", "BC")
37
122
  store.load(nil, nil)
38
- store.set_key_entry(@name, key_pair.get_private, nil, certs.to_array(Java::java.security.cert.Certificate[certs.size].new))
123
+ store.set_key_entry(alias_name, key_pair.get_private, nil, certs.to_array(Java::java.security.cert.Certificate[certs.size].new))
39
124
 
40
125
  pkcs12_output_stream = ByteArrayOutputStream.new
41
- store.store(pkcs12_output_stream, @pass.to_java.to_char_array)
126
+ password = pass.nil? ? "" : pass;
127
+ begin
128
+ store.store(pkcs12_output_stream, password.to_java.to_char_array)
129
+ rescue java.lang.Exception => e
130
+ raise PKCS12Error, "Exception: #{e}"
131
+ end
42
132
 
43
133
  @der = String.from_java_bytes(pkcs12_output_stream.to_byte_array)
44
134
  end
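Review bot: The `break` at new line 96 of `initialize` sits after the `end` that closes `if store.is_key_entry(alias_name)`, so the loop stops after the first alias whether or not it was a key entry. A store whose first alias is not a key entry therefore leaves `key`, `certificate` and `ca_certs` all nil without raising. Moving `break` inside the `if`, just before its closing `end`, and raising `PKCS12Error` when no key entry was found would surface that failure to the caller. Separately, `initialize` and `generate` both map a nil `pass` to `""`, and `generate` then stores the private key in a container protected only by an empty password. If that fallback is intended for compatibility, a comment such as `# nil pass yields a PKCS#12 with an empty password; pass a real one to protect the key` above `password = pass.nil? ? "" : pass;` would make it explicit.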
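--- a/metadata
+++ b/metadata
@@ -1,8 +1,8 @@
  --- !ruby/object:Gem::Specification
  name: jruby-openssl
  version: !ruby/object:Gem::Version
- version: 0.8.6
- prerelease:
+ prerelease: 6
+ version: 0.8.7.dev
  platform: ruby
  authors:
  - Ola Bini
@@ -10,7 +10,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2013-03-16 00:00:00.000000000 Z
+ date: 2013-03-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bouncy-castle-java
@@ -89,9 +89,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
  none: false
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - '>='
+ - - '>'
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  none: false
  requirements: []
  rubyforge_project: jruby/jruby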