RubyGems - r509 - Versions diffs - 0.8.1 → 0.9 - Mend

r509 0.8.1 → 0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (203) hide show

data/README.md +343 -151
data/Rakefile +26 -23
data/bin/r509 +126 -112
data/bin/r509-parse +24 -24
data/doc/R509.html +169 -7
data/doc/R509/ASN1.html +370 -0
data/doc/R509/ASN1/GeneralName.html +1121 -0
data/doc/R509/ASN1/GeneralNames.html +843 -0
data/doc/R509/ASN1/NoticeReference.html +392 -0
data/doc/R509/ASN1/PolicyInformation.html +387 -0
data/doc/R509/ASN1/PolicyQualifiers.html +455 -0
data/doc/R509/ASN1/UserNotice.html +386 -0
data/doc/R509/{Crl.html → CRL.html} +7 -7
data/doc/R509/CRL/Administrator.html +1559 -0
data/doc/R509/{Crl/Parser.html → CRL/SignedList.html} +501 -210
data/doc/R509/{Csr.html → CSR.html} +444 -314
data/doc/R509/Cert.html +866 -617
data/doc/R509/Cert/Extensions.html +52 -41
data/doc/R509/Cert/Extensions/AuthorityInfoAccess.html +70 -35
data/doc/R509/Cert/Extensions/AuthorityKeyIdentifier.html +387 -4
data/doc/R509/Cert/Extensions/BasicConstraints.html +61 -25
data/doc/R509/Cert/Extensions/CRLDistributionPoints.html +354 -0
data/doc/R509/Cert/Extensions/CertificatePolicies.html +340 -0
data/doc/R509/Cert/Extensions/ExtendedKeyUsage.html +440 -49
data/doc/R509/Cert/Extensions/{CrlDistributionPoints.html → InhibitAnyPolicy.html} +52 -35
data/doc/R509/Cert/Extensions/KeyUsage.html +247 -121
data/doc/R509/Cert/Extensions/NameConstraints.html +445 -0
data/doc/R509/Cert/Extensions/OCSPNoCheck.html +239 -0
data/doc/R509/Cert/Extensions/PolicyConstraints.html +424 -0
data/doc/R509/Cert/Extensions/SubjectAlternativeName.html +437 -62
data/doc/R509/Cert/Extensions/SubjectKeyIdentifier.html +52 -10
data/doc/R509/CertificateAuthority.html +4 -4
data/doc/R509/CertificateAuthority/Signer.html +154 -187
data/doc/R509/Config.html +6 -6
data/doc/R509/Config/{CaConfig.html → CAConfig.html} +451 -348
data/doc/R509/Config/{CaConfigPool.html → CAConfigPool.html} +47 -47
data/doc/R509/Config/CAProfile.html +1015 -0
data/doc/R509/Config/SubjectItemPolicy.html +86 -86
data/doc/R509/IOHelpers.html +22 -22
data/doc/R509/MessageDigest.html +14 -14
data/doc/R509/NameSanitizer.html +53 -53
data/doc/R509/{Ocsp.html → OCSP.html} +9 -9
data/doc/R509/{Ocsp → OCSP}/Request.html +7 -7
data/doc/R509/{Ocsp → OCSP}/Request/Nonce.html +56 -11
data/doc/R509/{Ocsp → OCSP}/Response.html +44 -44
data/doc/R509/{OidMapper.html → OIDMapper.html} +23 -39
data/doc/R509/PrivateKey.html +415 -168
data/doc/R509/R509Error.html +3 -3
data/doc/R509/{Spki.html → SPKI.html} +354 -192
data/doc/R509/Subject.html +224 -113
data/doc/R509/Validity.html +27 -5
data/doc/R509/Validity/Checker.html +13 -13
data/doc/R509/Validity/DefaultChecker.html +13 -13
data/doc/R509/Validity/DefaultWriter.html +14 -14
data/doc/R509/Validity/Status.html +39 -39
data/doc/R509/Validity/Writer.html +18 -18
data/doc/_index.html +138 -35
data/doc/class_list.html +1 -1
data/doc/css/style.css +10 -0
data/doc/file.README.html +368 -171
data/doc/file.r509.html +92 -69
data/doc/frames.html +1 -1
data/doc/index.html +368 -171
data/doc/method_list.html +910 -390
data/doc/top-level-namespace.html +3 -3
data/lib/r509.rb +32 -16
data/lib/r509/asn1.rb +375 -0
data/lib/r509/cert.rb +381 -364
data/lib/r509/cert/extensions.rb +443 -76
data/lib/r509/certificate_authority.rb +407 -0
data/lib/r509/config.rb +547 -351
data/lib/r509/crl.rb +336 -366
data/lib/r509/csr.rb +278 -289
data/lib/r509/ec-hack.rb +37 -0
data/lib/r509/exceptions.rb +3 -3
data/lib/r509/io_helpers.rb +44 -44
data/lib/r509/message_digest.rb +53 -0
data/lib/r509/ocsp.rb +80 -70
data/lib/r509/oid_mapper.rb +32 -0
data/lib/r509/private_key.rb +228 -0
data/lib/r509/spki.rb +145 -93
data/lib/r509/subject.rb +203 -110
data/lib/r509/validity.rb +70 -68
data/lib/r509/version.rb +2 -2
data/r509.yaml +92 -69
data/spec/asn1_spec.rb +402 -0
data/spec/cert/extensions_spec.rb +957 -494
data/spec/cert_spec.rb +382 -307
data/spec/certificate_authority_spec.rb +668 -250
data/spec/config_spec.rb +515 -302
data/spec/crl_spec.rb +197 -198
data/spec/csr_spec.rb +334 -289
data/spec/fixtures.rb +247 -171
data/spec/fixtures/cert1.der +0 -0
data/spec/fixtures/cert1.pem +0 -0
data/spec/fixtures/cert1_public_key_modulus.txt +0 -0
data/spec/fixtures/cert3.p12 +0 -0
data/spec/fixtures/cert3.pem +0 -0
data/spec/fixtures/cert3_key.pem +0 -0
data/spec/fixtures/cert3_key_des3.pem +0 -0
data/spec/fixtures/cert4.pem +0 -0
data/spec/fixtures/cert5.pem +0 -0
data/spec/fixtures/cert6.pem +0 -0
data/spec/fixtures/cert_expired.pem +0 -0
data/spec/fixtures/cert_inhibit.pem +24 -0
data/spec/fixtures/cert_name_constraints.pem +29 -0
data/spec/fixtures/cert_not_yet_valid.pem +0 -0
data/spec/fixtures/cert_ocsp_no_check.pem +18 -0
data/spec/fixtures/cert_policy_constraints.pem +31 -0
data/spec/fixtures/cert_san.pem +0 -0
data/spec/fixtures/cert_san2.pem +0 -0
data/spec/fixtures/cert_unknown_extension.pem +28 -0
data/spec/fixtures/config_pool_test_minimal.yaml +11 -11
data/spec/fixtures/config_test.yaml +54 -36
data/spec/fixtures/config_test_dsa.yaml +35 -0
data/spec/fixtures/config_test_ec.yaml +35 -0
data/spec/fixtures/config_test_engine_key.yaml +5 -5
data/spec/fixtures/config_test_engine_no_key_name.yaml +4 -4
data/spec/fixtures/config_test_minimal.yaml +4 -4
data/spec/fixtures/config_test_password.yaml +5 -5
data/spec/fixtures/config_test_various.yaml +111 -74
data/spec/fixtures/crl_list_file.txt +0 -0
data/spec/fixtures/crl_with_reason.pem +0 -0
data/spec/fixtures/csr1.der +0 -0
data/spec/fixtures/csr1.pem +0 -0
data/spec/fixtures/csr1_key.der +0 -0
data/spec/fixtures/csr1_key.pem +0 -0
data/spec/fixtures/csr1_key_encrypted_des3.pem +0 -0
data/spec/fixtures/csr1_newlines.pem +0 -0
data/spec/fixtures/csr1_no_begin_end.pem +0 -0
data/spec/fixtures/csr1_public_key_modulus.txt +0 -0
data/spec/fixtures/csr2.pem +0 -0
data/spec/fixtures/csr2_key.pem +0 -0
data/spec/fixtures/csr3.pem +0 -0
data/spec/fixtures/csr4.pem +0 -0
data/spec/fixtures/csr_dsa.pem +0 -0
data/spec/fixtures/csr_invalid_signature.pem +0 -0
data/spec/fixtures/dsa_key.pem +0 -0
data/spec/fixtures/dsa_root.cer +28 -0
data/spec/fixtures/dsa_root.key +20 -0
data/spec/fixtures/ec_csr2.der +0 -0
data/spec/fixtures/ec_csr2.pem +8 -0
data/spec/fixtures/ec_key1.der +0 -0
data/spec/fixtures/ec_key1.pem +6 -0
data/spec/fixtures/ec_key1_encrypted.pem +9 -0
data/spec/fixtures/ec_key2.pem +6 -0
data/spec/fixtures/hmacsha1.sig +1 -0
data/spec/fixtures/hmacsha512.sig +1 -0
data/spec/fixtures/key4.pem +0 -0
data/spec/fixtures/key4_encrypted_des3.pem +0 -0
data/spec/fixtures/missing_key_identifier_ca.cer +0 -0
data/spec/fixtures/missing_key_identifier_ca.key +0 -0
data/spec/fixtures/ocsptest.r509.local.pem +0 -0
data/spec/fixtures/ocsptest.r509.local_ocsp_request.der +0 -0
data/spec/fixtures/ocsptest2.r509.local.pem +0 -0
data/spec/fixtures/second_ca.cer +0 -0
data/spec/fixtures/second_ca.key +0 -0
data/spec/fixtures/spkac.der +0 -0
data/spec/fixtures/spkac.txt +0 -0
data/spec/fixtures/spkac_dsa.txt +1 -1
data/spec/fixtures/spkac_dsa_no_verify.txt +1 -0
data/spec/fixtures/spkac_ec.txt +1 -0
data/spec/fixtures/spkac_rsa_newlines.txt +13 -0
data/spec/fixtures/stca.pem +0 -0
data/spec/fixtures/stca_ocsp_request.der +0 -0
data/spec/fixtures/stca_ocsp_response.der +0 -0
data/spec/fixtures/test1.csr +0 -0
data/spec/fixtures/test_ca.cer +0 -0
data/spec/fixtures/test_ca.key +0 -0
data/spec/fixtures/test_ca.p12 +0 -0
data/spec/fixtures/test_ca_des3.key +0 -0
data/spec/fixtures/test_ca_ec.cer +14 -0
data/spec/fixtures/test_ca_ec.key +6 -0
data/spec/fixtures/test_ca_ec_ee.cer +22 -0
data/spec/fixtures/test_ca_ec_ee.key +6 -0
data/spec/fixtures/test_ca_ocsp.cer +0 -0
data/spec/fixtures/test_ca_ocsp.key +0 -0
data/spec/fixtures/test_ca_ocsp.p12 +0 -0
data/spec/fixtures/test_ca_ocsp_chain.txt +0 -0
data/spec/fixtures/test_ca_ocsp_response.der +0 -0
data/spec/fixtures/test_ca_subroot.cer +0 -0
data/spec/fixtures/test_ca_subroot.key +0 -0
data/spec/fixtures/test_ca_subroot_ocsp.cer +0 -0
data/spec/fixtures/test_ca_subroot_ocsp.key +0 -0
data/spec/fixtures/test_ca_subroot_ocsp_response.der +0 -0
data/spec/fixtures/unknown_oid.csr +0 -0
data/spec/message_digest_spec.rb +104 -84
data/spec/ocsp_spec.rb +105 -105
data/spec/oid_mapper_spec.rb +21 -21
data/spec/private_key_spec.rb +275 -0
data/spec/r509_spec.rb +35 -0
data/spec/spec_helper.rb +15 -6
data/spec/spki_spec.rb +221 -142
data/spec/subject_spec.rb +232 -164
data/spec/validity_spec.rb +91 -91
metadata +79 -25
data/doc/R509/Config/CaProfile.html +0 -651
data/doc/R509/Crl/Administrator.html +0 -2073
data/lib/r509/certificateauthority.rb +0 -290
data/lib/r509/messagedigest.rb +0 -49
data/lib/r509/oidmapper.rb +0 -32
data/lib/r509/privatekey.rb +0 -185
data/spec/privatekey_spec.rb +0 -198

data/doc/R509/Crl/Administrator.html DELETED Viewed

@@ -1,2073 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<title>
-  Class: R509::Crl::Administrator
-    &mdash; Documentation by YARD 0.8.2.1
-</title>
-  <link rel="stylesheet" href="../../css/style.css" type="text/css" media="screen" charset="utf-8" />
-  <link rel="stylesheet" href="../../css/common.css" type="text/css" media="screen" charset="utf-8" />
-<script type="text/javascript" charset="utf-8">
-  hasFrames = window.top.frames.main ? true : false;
-  relpath = '../../';
-  framesUrl = "../../frames.html#!" + escape(window.location.href);
-</script>
-  <script type="text/javascript" charset="utf-8" src="../../js/jquery.js"></script>
-  <script type="text/javascript" charset="utf-8" src="../../js/app.js"></script>
-  </head>
-  <body>
-    <div id="header">
-      <div id="menu">
-    <a href="../../_index.html">Index (A)</a> &raquo;
-    <span class='title'><span class='object_link'><a href="../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Crl.html" title="R509::Crl (module)">Crl</a></span></span>
-     &raquo;
-    <span class="title">Administrator</span>
-  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
-</div>
-      <div id="search">
-    <a class="full_list_link" id="class_list_link"
-        href="../../class_list.html">
-      Class List
-    </a>
-    <a class="full_list_link" id="method_list_link"
-        href="../../method_list.html">
-      Method List
-    </a>
-    <a class="full_list_link" id="file_list_link"
-        href="../../file_list.html">
-      File List
-    </a>
-</div>
-      <div class="clear"></div>
-    </div>
-    <iframe id="search_frame"></iframe>
-    <div id="content"><h1>Class: R509::Crl::Administrator
-</h1>
-<dl class="box">
-    <dt class="r1">Inherits:</dt>
-    <dd class="r1">
-      <span class="inheritName">Object</span>
-        <ul class="fullTree">
-          <li>Object</li>
-            <li class="next">R509::Crl::Administrator</li>
-        </ul>
-        <a href="#" class="inheritanceTree">show all</a>
-      </dd>
-      <dt class="r2">Includes:</dt>
-      <dd class="r2"><span class='object_link'><a href="../IOHelpers.html" title="R509::IOHelpers (module)">IOHelpers</a></span></dd>
-    <dt class="r1 last">Defined in:</dt>
-    <dd class="r1 last">lib/r509/crl.rb</dd>
-</dl>
-<div class="clear"></div>
-<h2>Overview</h2><div class="docstring">
-  <div class="discussion">
-<p>Used to manage revocations and generate CRLs</p>
-  </div>
-</div>
-<div class="tags">
-</div>
-  <h2>Instance Attribute Summary <small>(<a href="#" class="summary_toggle">collapse</a>)</small></h2>
-  <ul class="summary">
-      <li class="public ">
-  <span class="summary_signature">
-      <a href="#crl_list_file-instance_method" title="#crl_list_file (instance method)">- (Object) <strong>crl_list_file</strong> </a>
-  </span>
-      <span class="note title readonly">readonly</span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the value of attribute crl_list_file.</p>
-</div></span>
-</li>
-      <li class="public ">
-  <span class="summary_signature">
-      <a href="#crl_number-instance_method" title="#crl_number (instance method)">- (Object) <strong>crl_number</strong> </a>
-  </span>
-      <span class="note title readonly">readonly</span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the value of attribute crl_number.</p>
-</div></span>
-</li>
-      <li class="public ">
-  <span class="summary_signature">
-      <a href="#crl_number_file-instance_method" title="#crl_number_file (instance method)">- (Object) <strong>crl_number_file</strong> </a>
-  </span>
-      <span class="note title readonly">readonly</span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the value of attribute crl_number_file.</p>
-</div></span>
-</li>
-      <li class="public ">
-  <span class="summary_signature">
-      <a href="#validity_hours-instance_method" title="#validity_hours (instance method)">- (Object) <strong>validity_hours</strong> </a>
-  </span>
-      <span class="note title readonly">readonly</span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the value of attribute validity_hours.</p>
-</div></span>
-</li>
-  </ul>
-    <h2>
-      Instance Method Summary
-      <small>(<a href="#" class="summary_toggle">collapse</a>)</small>
-    </h2>
-    <ul class="summary">
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#generate_crl-instance_method" title="#generate_crl (instance method)">- (String) <strong>generate_crl</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Remove serial from revocation list.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#initialize-instance_method" title="#initialize (instance method)">- (Administrator) <strong>initialize</strong>(config) </a>
-  </span>
-    <span class="note title constructor">constructor</span>
-    <span class="summary_desc"><div class='inline'>
-<p>A new instance of Administrator.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#last_update-instance_method" title="#last_update (instance method)">- (Time) <strong>last_update</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the signing time of the CRL.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#next_update-instance_method" title="#next_update (instance method)">- (Time) <strong>next_update</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the next update time for the CRL.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#revoke_cert-instance_method" title="#revoke_cert (instance method)">- (Object) <strong>revoke_cert</strong>(serial, reason = nil, revoke_time = Time.now.to_i, generate_and_save = true) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Adds a certificate to the revocation list.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#revoked%3F-instance_method" title="#revoked? (instance method)">- (Boolean) <strong>revoked?</strong>(serial) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Indicates whether the serial number has been revoked, or not.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#revoked_cert-instance_method" title="#revoked_cert (instance method)">- (Array) <strong>revoked_cert</strong>(serial) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Serial, reason, revoke_time tuple.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#revoked_certs-instance_method" title="#revoked_certs (instance method)">- (Array&lt;Array&gt;) <strong>revoked_certs</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns an array of serial, reason, revoke_time tuples.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#save_crl_list-instance_method" title="#save_crl_list (instance method)">- (Object) <strong>save_crl_list</strong>(filename_or_io = @crl_list_file) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Saves the CRL list to a filename or IO.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#save_crl_number-instance_method" title="#save_crl_number (instance method)">- (Object) <strong>save_crl_number</strong>(filename_or_io = @crl_number_file) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Save the CRL number to a filename or IO.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#to_crl-instance_method" title="#to_crl (instance method)">- (R509::Crl::Parser) <strong>to_crl</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'></div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#to_der-instance_method" title="#to_der (instance method)">- (String) <strong>to_der</strong> </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the CRL in DER format.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#to_pem-instance_method" title="#to_pem (instance method)">- (String) <strong>to_pem</strong> </a>
-      (also: #to_s)
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Returns the CRL in PEM format.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#unrevoke_cert-instance_method" title="#unrevoke_cert (instance method)">- (Object) <strong>unrevoke_cert</strong>(serial) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Remove serial from revocation list.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#write_der-instance_method" title="#write_der (instance method)">- (Object) <strong>write_der</strong>(filename_or_io) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Writes the CRL into the PEM format.</p>
-</div></span>
-</li>
-        <li class="public ">
-  <span class="summary_signature">
-      <a href="#write_pem-instance_method" title="#write_pem (instance method)">- (Object) <strong>write_pem</strong>(filename_or_io) </a>
-  </span>
-    <span class="summary_desc"><div class='inline'>
-<p>Writes the CRL into the PEM format.</p>
-</div></span>
-</li>
-    </ul>
-  <h3 class="inherited">Methods included from <span class='object_link'><a href="../IOHelpers.html" title="R509::IOHelpers (module)">IOHelpers</a></span></h3>
-  <p class="inherited"><span class='object_link'><a href="../IOHelpers.html#read_data-instance_method" title="R509::IOHelpers#read_data (method)">#read_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#read_data-class_method" title="R509::IOHelpers.read_data (method)">read_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#write_data-instance_method" title="R509::IOHelpers#write_data (method)">#write_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#write_data-class_method" title="R509::IOHelpers.write_data (method)">write_data</a></span></p>
-<div id="constructor_details" class="method_details_list">
-  <h2>Constructor Details</h2>
-    <div class="method_details first">
-  <h3 class="signature first" id="initialize-instance_method">
-    - (<tt><span class='object_link'><a href="" title="R509::Crl::Administrator (class)">Administrator</a></span></tt>) <strong>initialize</strong>(config)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>A new instance of Administrator</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>config</span>
-        <span class='type'>(<tt><span class='object_link'><a href="../Config/CaConfig.html" title="R509::Config::CaConfig (class)">R509::Config::CaConfig</a></span></tt>)</span>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-119
-120
-121
-122
-123
-124
-125
-126
-127
-128
-129
-130
-131
-132
-133
-134
-135
-136
-137
-138
-139
-140</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 119</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_config'>config</span><span class='rparen'>)</span>
-    <span class='ivar'>@config</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span>
-    <span class='kw'>unless</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfig</span><span class='rparen'>)</span>
-        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>config must be a kind of R509::Config::CaConfig</span><span class='tstring_end'>&quot;</span></span>
-    <span class='kw'>end</span>
-    <span class='ivar'>@validity_hours</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_validity_hours'>crl_validity_hours</span>
-    <span class='ivar'>@start_skew_seconds</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_start_skew_seconds'>crl_start_skew_seconds</span>
-    <span class='ivar'>@crl</span> <span class='op'>=</span> <span class='kw'>nil</span>
-    <span class='ivar'>@crl_number_file</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_number_file'>crl_number_file</span>
-    <span class='kw'>if</span> <span class='kw'>not</span> <span class='ivar'>@crl_number_file</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
-        <span class='ivar'>@crl_number</span> <span class='op'>=</span> <span class='id identifier rubyid_read_data'>read_data</span><span class='lparen'>(</span><span class='ivar'>@crl_number_file</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
-    <span class='kw'>else</span>
-        <span class='ivar'>@crl_number</span> <span class='op'>=</span> <span class='int'>0</span>
-    <span class='kw'>end</span>
-    <span class='ivar'>@crl_list_file</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_list_file'>crl_list_file</span>
-    <span class='id identifier rubyid_load_crl_list'>load_crl_list</span><span class='lparen'>(</span><span class='ivar'>@crl_list_file</span><span class='rparen'>)</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-</div>
-  <div id="instance_attr_details" class="attr_details">
-    <h2>Instance Attribute Details</h2>
-      <span id=""></span>
-      <div class="method_details first">
-  <h3 class="signature first" id="crl_list_file-instance_method">
-    - (<tt>Object</tt>) <strong>crl_list_file</strong>  <span class="extras">(readonly)</span>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the value of attribute crl_list_file</p>
-  </div>
-</div>
-<div class="tags">
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-116
-117
-118</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 116</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_crl_list_file'>crl_list_file</span>
-  <span class='ivar'>@crl_list_file</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <span id=""></span>
-      <div class="method_details ">
-  <h3 class="signature " id="crl_number-instance_method">
-    - (<tt>Object</tt>) <strong>crl_number</strong>  <span class="extras">(readonly)</span>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the value of attribute crl_number</p>
-  </div>
-</div>
-<div class="tags">
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-116
-117
-118</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 116</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_crl_number'>crl_number</span>
-  <span class='ivar'>@crl_number</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <span id=""></span>
-      <div class="method_details ">
-  <h3 class="signature " id="crl_number_file-instance_method">
-    - (<tt>Object</tt>) <strong>crl_number_file</strong>  <span class="extras">(readonly)</span>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the value of attribute crl_number_file</p>
-  </div>
-</div>
-<div class="tags">
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-116
-117
-118</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 116</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_crl_number_file'>crl_number_file</span>
-  <span class='ivar'>@crl_number_file</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <span id=""></span>
-      <div class="method_details ">
-  <h3 class="signature " id="validity_hours-instance_method">
-    - (<tt>Object</tt>) <strong>validity_hours</strong>  <span class="extras">(readonly)</span>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the value of attribute validity_hours</p>
-  </div>
-</div>
-<div class="tags">
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-116
-117
-118</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 116</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_validity_hours'>validity_hours</span>
-  <span class='ivar'>@validity_hours</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-  </div>
-  <div id="instance_method_details" class="method_details_list">
-    <h2>Instance Method Details</h2>
-      <div class="method_details first">
-  <h3 class="signature first" id="generate_crl-instance_method">
-    - (<tt>String</tt>) <strong>generate_crl</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Remove serial from revocation list</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>String</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>PEM encoded signed CRL</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-258
-259
-260
-261
-262
-263
-264
-265
-266
-267
-268
-269
-270
-271
-272
-273
-274
-275
-276
-277
-278
-279
-280
-281
-282
-283
-284
-285
-286
-287
-288
-289
-290
-291
-292
-293
-294</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 258</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_generate_crl'>generate_crl</span>
-    <span class='id identifier rubyid_crl'>crl</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>CRL</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_version'>version</span> <span class='op'>=</span> <span class='int'>1</span>
-    <span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_at'>at</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_last_update'>last_update</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span><span class='op'>-</span><span class='ivar'>@start_skew_seconds</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_next_update'>next_update</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span><span class='op'>+</span><span class='ivar'>@validity_hours</span><span class='op'>*</span><span class='int'>3600</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
-    <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_revoked_certs'>revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>|</span>
-        <span class='id identifier rubyid_revoked'>revoked</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Revoked</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
-        <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_serial'>serial</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>BN</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='id identifier rubyid_serial'>serial</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
-        <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_time'>time</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_at'>at</span><span class='lparen'>(</span><span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='rparen'>)</span>
-        <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
-            <span class='id identifier rubyid_enum'>enum</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>Enumerated</span><span class='lparen'>(</span><span class='id identifier rubyid_reason'>reason</span><span class='rparen'>)</span> <span class='comment'>#see reason codes below
-</span>            <span class='id identifier rubyid_ext'>ext</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Extension</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CRLReason</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_enum'>enum</span><span class='rparen'>)</span>
-            <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_ext'>ext</span><span class='rparen'>)</span>
-        <span class='kw'>end</span>
-        <span class='comment'>#now add it to the crl
-</span>        <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_revoked'>add_revoked</span><span class='lparen'>(</span><span class='id identifier rubyid_revoked'>revoked</span><span class='rparen'>)</span>
-    <span class='kw'>end</span>
-    <span class='id identifier rubyid_ef'>ef</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>ExtensionFactory</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
-    <span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_issuer_certificate'>issuer_certificate</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span>
-    <span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_crl'>crl</span> <span class='op'>=</span> <span class='id identifier rubyid_crl'>crl</span>
-    <span class='comment'>#grab crl number from file, increment, write back
-</span>    <span class='id identifier rubyid_crl_number'>crl_number</span> <span class='op'>=</span> <span class='id identifier rubyid_increment_crl_number'>increment_crl_number</span>
-    <span class='id identifier rubyid_crlnum'>crlnum</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>Integer</span><span class='lparen'>(</span><span class='id identifier rubyid_crl_number'>crl_number</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Extension</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>crlNumber</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_crlnum'>crlnum</span><span class='rparen'>)</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_extensions'>extensions</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
-    <span class='id identifier rubyid_extensions'>extensions</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>authorityKeyIdentifier</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>keyid:always,issuer:always</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span>
-    <span class='id identifier rubyid_extensions'>extensions</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span><span class='lbrace'>{</span><span class='op'>|</span><span class='id identifier rubyid_oid'>oid</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_critical'>critical</span><span class='op'>|</span>
-        <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_create_extension'>create_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_oid'>oid</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_critical'>critical</span><span class='rparen'>)</span><span class='rparen'>)</span>
-    <span class='rbrace'>}</span>
-    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span><span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='comma'>,</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
-    <span class='ivar'>@crl</span> <span class='op'>=</span> <span class='id identifier rubyid_crl'>crl</span>
-    <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_pem'>to_pem</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="last_update-instance_method">
-    - (<tt>Time</tt>) <strong>last_update</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the signing time of the CRL</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>Time</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>when the CRL was signed</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-196
-197
-198</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 196</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_last_update'>last_update</span>
-    <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_last_update'>last_update</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="next_update-instance_method">
-    - (<tt>Time</tt>) <strong>next_update</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the next update time for the CRL</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>Time</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>when it will be updated next</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-203
-204
-205</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 203</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_next_update'>next_update</span>
-    <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_next_update'>next_update</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="revoke_cert-instance_method">
-    - (<tt>Object</tt>) <strong>revoke_cert</strong>(serial, reason = nil, revoke_time = Time.now.to_i, generate_and_save = true)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Adds a certificate to the revocation list. After calling you must call
-generate_crl to sign a new CRL</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>serial</span>
-        <span class='type'>(<tt>Integer</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>serial number of the certificate to revoke</p>
-</div>
-    </li>
-    <li>
-        <span class='name'>reason</span>
-        <span class='type'>(<tt>Integer</tt>)</span>
-        <em class="default">(defaults to: <tt>nil</tt>)</em>
-        &mdash;
-        <div class='inline'>
-<p>reason for revocation</p>
-</div>
-    </li>
-    <li>
-        <span class='name'>revoke_time</span>
-        <span class='type'>(<tt>Integer</tt>)</span>
-        <em class="default">(defaults to: <tt>Time.now.to_i</tt>)</em>
-    </li>
-    <li>
-        <span class='name'>generate_and_save</span>
-        <span class='type'>(<tt>Boolean</tt>)</span>
-        <em class="default">(defaults to: <tt>true</tt>)</em>
-        &mdash;
-        <div class='inline'>
-<p>whether we want to generate the CRL and save its file (default=true)</p>
-<p>reason codes defined by rfc 5280</p>
-<p>CRLReason ::= ENUMERATED {</p>
-<pre class="code ruby"><code>unspecified             (0),
-keyCompromise           (1),
-cACompromise            (2),
-affiliationChanged      (3),
-superseded              (4),
-cessationOfOperation    (5),
-certificateHold         (6),
-removeFromCRL           (8),
-privilegeWithdrawn      (9),
-aACompromise           (10) }</code></pre>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-227
-228
-229
-230
-231
-232
-233
-234
-235
-236
-237
-238
-239
-240
-241
-242
-243</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 227</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_revoke_cert'>revoke_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span><span class='id identifier rubyid_reason'>reason</span><span class='op'>=</span><span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>=</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='comma'>,</span> <span class='id identifier rubyid_generate_and_save'>generate_and_save</span><span class='op'>=</span><span class='kw'>true</span><span class='rparen'>)</span>
-    <span class='kw'>if</span> <span class='kw'>not</span> <span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='period'>.</span><span class='id identifier rubyid_between?'>between?</span><span class='lparen'>(</span><span class='int'>0</span><span class='comma'>,</span><span class='int'>10</span><span class='rparen'>)</span>
-        <span class='id identifier rubyid_reason'>reason</span> <span class='op'>=</span> <span class='int'>0</span>
-    <span class='kw'>end</span>
-    <span class='id identifier rubyid_serial'>serial</span> <span class='op'>=</span> <span class='id identifier rubyid_serial'>serial</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
-    <span class='id identifier rubyid_reason'>reason</span> <span class='op'>=</span> <span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
-    <span class='id identifier rubyid_revoke_time'>revoke_time</span> <span class='op'>=</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
-    <span class='kw'>if</span> <span class='id identifier rubyid_revoked?'>revoked?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Cannot revoke a previously revoked certificate</span><span class='tstring_end'>&quot;</span></span>
-    <span class='kw'>end</span>
-    <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='symbol'>:reason</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='symbol'>:revoke_time</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='rbrace'>}</span>
-    <span class='kw'>if</span> <span class='id identifier rubyid_generate_and_save'>generate_and_save</span>
-        <span class='id identifier rubyid_generate_crl'>generate_crl</span><span class='lparen'>(</span><span class='rparen'>)</span>
-        <span class='id identifier rubyid_save_crl_list'>save_crl_list</span><span class='lparen'>(</span><span class='rparen'>)</span>
-    <span class='kw'>end</span>
-    <span class='kw'>nil</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="revoked?-instance_method">
-    - (<tt>Boolean</tt>) <strong>revoked?</strong>(serial)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Indicates whether the serial number has been revoked, or not.</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>serial</span>
-        <span class='type'>(<tt>Integer</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>The serial number we want to check</p>
-</div>
-    </li>
-</ul>
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>Boolean</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>True if the serial number was revoked. False, otherwise.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-146
-147
-148</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 146</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_revoked?'>revoked?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-  <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_has_key?'>has_key?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="revoked_cert-instance_method">
-    - (<tt>Array</tt>) <strong>revoked_cert</strong>(serial)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Serial, reason, revoke_time tuple</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>Array</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>serial, reason, revoke_time tuple</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-151
-152
-153</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 151</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_revoked_cert'>revoked_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-    <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="revoked_certs-instance_method">
-    - (<tt>Array&lt;Array&gt;</tt>) <strong>revoked_certs</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns an array of serial, reason, revoke_time tuples.</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>Array&lt;Array&gt;</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>Returns an array of serial, reason, revoke_time tuples.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-298
-299
-300
-301
-302
-303
-304</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 298</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_revoked_certs'>revoked_certs</span>
-    <span class='id identifier rubyid_ret'>ret</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
-    <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_keys'>keys</span><span class='period'>.</span><span class='id identifier rubyid_sort'>sort</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='op'>|</span>
-        <span class='id identifier rubyid_ret'>ret</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:reason</span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:revoke_time</span><span class='rbracket'>]</span><span class='rbracket'>]</span>
-    <span class='kw'>end</span>
-    <span class='id identifier rubyid_ret'>ret</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="save_crl_list-instance_method">
-    - (<tt>Object</tt>) <strong>save_crl_list</strong>(filename_or_io = @crl_list_file)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Saves the CRL list to a filename or IO. If the class was initialized with
-:crl_list_file, then the filename specified by that will be used by
-default.</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>filename_or_io</span>
-        <span class='type'>(<tt>String</tt>, <tt>#write</tt>, <tt>nil</tt>)</span>
-        <em class="default">(defaults to: <tt>@crl_list_file</tt>)</em>
-        &mdash;
-        <div class='inline'>
-<p>If provided, the generated crl will be written to either the file (if a
-string), or IO. If nil, then the @crl_list_file will be used. If that is
-nil, then an error will be raised.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-313
-314
-315
-316
-317
-318
-319
-320
-321
-322</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 313</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_save_crl_list'>save_crl_list</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span> <span class='op'>=</span> <span class='ivar'>@crl_list_file</span><span class='rparen'>)</span>
-    <span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>if</span> <span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
-    <span class='id identifier rubyid_data'>data</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
-    <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_revoked_certs'>revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>|</span>
-        <span class='id identifier rubyid_data'>data</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>,</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span>
-    <span class='kw'>end</span>
-    <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='rparen'>)</span>
-    <span class='kw'>nil</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="save_crl_number-instance_method">
-    - (<tt>Object</tt>) <strong>save_crl_number</strong>(filename_or_io = @crl_number_file)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Save the CRL number to a filename or IO. If the class was initialized with
-:crl_number_file, then the filename specified by that will be used by
-default.</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>filename_or_io</span>
-        <span class='type'>(<tt>String</tt>, <tt>#write</tt>, <tt>nil</tt>)</span>
-        <em class="default">(defaults to: <tt>@crl_number_file</tt>)</em>
-        &mdash;
-        <div class='inline'>
-<p>If provided, the current crl number will be written to either the file (if
-a string), or IO. If nil, then the @crl_number_file will be used. If that
-is nil, then an error will be raised.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-331
-332
-333
-334
-335
-336
-337</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 331</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_save_crl_number'>save_crl_number</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span> <span class='op'>=</span> <span class='ivar'>@crl_number_file</span><span class='rparen'>)</span>
-    <span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>if</span> <span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
-    <span class='comment'># No valid filename or IO was specified, so bail.
-</span>
-    <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_crl_number'>crl_number</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rparen'>)</span>
-    <span class='kw'>nil</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="to_crl-instance_method">
-    - (<tt><span class='object_link'><a href="Parser.html" title="R509::Crl::Parser (class)">R509::Crl::Parser</a></span></tt>) <strong>to_crl</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt><span class='object_link'><a href="Parser.html" title="R509::Crl::Parser (class)">R509::Crl::Parser</a></span></tt>)</span>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-172
-173
-174
-175</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 172</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_to_crl'>to_crl</span>
-  <span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>if</span> <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
-  <span class='kw'>return</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Crl</span><span class='op'>::</span><span class='const'>Parser</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='ivar'>@crl</span><span class='rparen'>)</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="to_der-instance_method">
-    - (<tt>String</tt>) <strong>to_der</strong>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the CRL in DER format</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>String</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>the CRL in DER format</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-167
-168
-169</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 167</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_to_der'>to_der</span>
-    <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_der'>to_der</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="to_pem-instance_method">
-    - (<tt>String</tt>) <strong>to_pem</strong>
-    <span class="aliases">Also known as:
-    <span class="names"><span id='to_s-instance_method'>to_s</span></span>
-    </span>
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Returns the CRL in PEM format</p>
-  </div>
-</div>
-<div class="tags">
-<p class="tag_title">Returns:</p>
-<ul class="return">
-    <li>
-        <span class='type'>(<tt>String</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>the CRL in PEM format</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-158
-159
-160</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 158</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_to_pem'>to_pem</span>
-    <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_pem'>to_pem</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="unrevoke_cert-instance_method">
-    - (<tt>Object</tt>) <strong>unrevoke_cert</strong>(serial)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Remove serial from revocation list. After unrevoking you must call
-generate_crl to sign a new CRL</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>serial</span>
-        <span class='type'>(<tt>Integer</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>serial number of the certificate to remove from revocation</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-248
-249
-250
-251
-252
-253</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 248</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_unrevoke_cert'>unrevoke_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-    <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_generate_crl'>generate_crl</span><span class='lparen'>(</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_save_crl_list'>save_crl_list</span><span class='lparen'>(</span><span class='rparen'>)</span>
-    <span class='kw'>nil</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="write_der-instance_method">
-    - (<tt>Object</tt>) <strong>write_der</strong>(filename_or_io)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Writes the CRL into the PEM format</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>filename_or_io</span>
-        <span class='type'>(<tt>String</tt>, <tt>#write</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>Either a string of the path for the file that you'd like to write, or an
-IO-like object.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-189
-190
-191</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 189</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_write_der'>write_der</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_der'>to_der</span><span class='rparen'>)</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-      <div class="method_details ">
-  <h3 class="signature " id="write_pem-instance_method">
-    - (<tt>Object</tt>) <strong>write_pem</strong>(filename_or_io)
-</h3><div class="docstring">
-  <div class="discussion">
-<p>Writes the CRL into the PEM format</p>
-  </div>
-</div>
-<div class="tags">
-  <p class="tag_title">Parameters:</p>
-<ul class="param">
-    <li>
-        <span class='name'>filename_or_io</span>
-        <span class='type'>(<tt>String</tt>, <tt>#write</tt>)</span>
-        &mdash;
-        <div class='inline'>
-<p>Either a string of the path for the file that you'd like to write, or an
-IO-like object.</p>
-</div>
-    </li>
-</ul>
-</div><table class="source_code">
-  <tr>
-    <td>
-      <pre class="lines">
-181
-182
-183</pre>
-    </td>
-    <td>
-      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 181</span>
-<span class='kw'>def</span> <span class='id identifier rubyid_write_pem'>write_pem</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='rparen'>)</span>
-    <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_pem'>to_pem</span><span class='rparen'>)</span>
-<span class='kw'>end</span></pre>
-    </td>
-  </tr>
-</table>
-</div>
-  </div>
-</div>
-    <div id="footer">
-  Generated on Thu Nov  8 14:19:25 2012 by
-  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.8.2.1 (ruby-1.9.3).
-</div>
-  </body>
-</html>