RubyGems - r509 - Versions diffs - 0.8.1 → 0.9 - Mend

r509 0.8.1 → 0.9

Files changed (203) hide show

data/README.md +343 -151
data/Rakefile +26 -23
data/bin/r509 +126 -112
data/bin/r509-parse +24 -24
data/doc/R509.html +169 -7
data/doc/R509/ASN1.html +370 -0
data/doc/R509/ASN1/GeneralName.html +1121 -0
data/doc/R509/ASN1/GeneralNames.html +843 -0
data/doc/R509/ASN1/NoticeReference.html +392 -0
data/doc/R509/ASN1/PolicyInformation.html +387 -0
data/doc/R509/ASN1/PolicyQualifiers.html +455 -0
data/doc/R509/ASN1/UserNotice.html +386 -0
data/doc/R509/{Crl.html → CRL.html} +7 -7
data/doc/R509/CRL/Administrator.html +1559 -0
data/doc/R509/{Crl/Parser.html → CRL/SignedList.html} +501 -210
data/doc/R509/{Csr.html → CSR.html} +444 -314
data/doc/R509/Cert.html +866 -617
data/doc/R509/Cert/Extensions.html +52 -41
data/doc/R509/Cert/Extensions/AuthorityInfoAccess.html +70 -35
data/doc/R509/Cert/Extensions/AuthorityKeyIdentifier.html +387 -4
data/doc/R509/Cert/Extensions/BasicConstraints.html +61 -25
data/doc/R509/Cert/Extensions/CRLDistributionPoints.html +354 -0
data/doc/R509/Cert/Extensions/CertificatePolicies.html +340 -0
data/doc/R509/Cert/Extensions/ExtendedKeyUsage.html +440 -49
data/doc/R509/Cert/Extensions/{CrlDistributionPoints.html → InhibitAnyPolicy.html} +52 -35
data/doc/R509/Cert/Extensions/KeyUsage.html +247 -121
data/doc/R509/Cert/Extensions/NameConstraints.html +445 -0
data/doc/R509/Cert/Extensions/OCSPNoCheck.html +239 -0
data/doc/R509/Cert/Extensions/PolicyConstraints.html +424 -0
data/doc/R509/Cert/Extensions/SubjectAlternativeName.html +437 -62
data/doc/R509/Cert/Extensions/SubjectKeyIdentifier.html +52 -10
data/doc/R509/CertificateAuthority.html +4 -4
data/doc/R509/CertificateAuthority/Signer.html +154 -187
data/doc/R509/Config.html +6 -6
data/doc/R509/Config/{CaConfig.html → CAConfig.html} +451 -348
data/doc/R509/Config/{CaConfigPool.html → CAConfigPool.html} +47 -47
data/doc/R509/Config/CAProfile.html +1015 -0
data/doc/R509/Config/SubjectItemPolicy.html +86 -86
data/doc/R509/IOHelpers.html +22 -22
data/doc/R509/MessageDigest.html +14 -14
data/doc/R509/NameSanitizer.html +53 -53
data/doc/R509/{Ocsp.html → OCSP.html} +9 -9
data/doc/R509/{Ocsp → OCSP}/Request.html +7 -7
data/doc/R509/{Ocsp → OCSP}/Request/Nonce.html +56 -11
data/doc/R509/{Ocsp → OCSP}/Response.html +44 -44
data/doc/R509/{OidMapper.html → OIDMapper.html} +23 -39
data/doc/R509/PrivateKey.html +415 -168
data/doc/R509/R509Error.html +3 -3
data/doc/R509/{Spki.html → SPKI.html} +354 -192
data/doc/R509/Subject.html +224 -113
data/doc/R509/Validity.html +27 -5
data/doc/R509/Validity/Checker.html +13 -13
data/doc/R509/Validity/DefaultChecker.html +13 -13
data/doc/R509/Validity/DefaultWriter.html +14 -14
data/doc/R509/Validity/Status.html +39 -39
data/doc/R509/Validity/Writer.html +18 -18
data/doc/_index.html +138 -35
data/doc/class_list.html +1 -1
data/doc/css/style.css +10 -0
data/doc/file.README.html +368 -171
data/doc/file.r509.html +92 -69
data/doc/frames.html +1 -1
data/doc/index.html +368 -171
data/doc/method_list.html +910 -390
data/doc/top-level-namespace.html +3 -3
data/lib/r509.rb +32 -16
data/lib/r509/asn1.rb +375 -0
data/lib/r509/cert.rb +381 -364
data/lib/r509/cert/extensions.rb +443 -76
data/lib/r509/certificate_authority.rb +407 -0
data/lib/r509/config.rb +547 -351
data/lib/r509/crl.rb +336 -366
data/lib/r509/csr.rb +278 -289
data/lib/r509/ec-hack.rb +37 -0
data/lib/r509/exceptions.rb +3 -3
data/lib/r509/io_helpers.rb +44 -44
data/lib/r509/message_digest.rb +53 -0
data/lib/r509/ocsp.rb +80 -70
data/lib/r509/oid_mapper.rb +32 -0
data/lib/r509/private_key.rb +228 -0
data/lib/r509/spki.rb +145 -93
data/lib/r509/subject.rb +203 -110
data/lib/r509/validity.rb +70 -68
data/lib/r509/version.rb +2 -2
data/r509.yaml +92 -69
data/spec/asn1_spec.rb +402 -0
data/spec/cert/extensions_spec.rb +957 -494
data/spec/cert_spec.rb +382 -307
data/spec/certificate_authority_spec.rb +668 -250
data/spec/config_spec.rb +515 -302
data/spec/crl_spec.rb +197 -198
data/spec/csr_spec.rb +334 -289
data/spec/fixtures.rb +247 -171
data/spec/fixtures/cert1.der +0 -0
data/spec/fixtures/cert1.pem +0 -0
data/spec/fixtures/cert1_public_key_modulus.txt +0 -0
data/spec/fixtures/cert3.p12 +0 -0
data/spec/fixtures/cert3.pem +0 -0
data/spec/fixtures/cert3_key.pem +0 -0
data/spec/fixtures/cert3_key_des3.pem +0 -0
data/spec/fixtures/cert4.pem +0 -0
data/spec/fixtures/cert5.pem +0 -0
data/spec/fixtures/cert6.pem +0 -0
data/spec/fixtures/cert_expired.pem +0 -0
data/spec/fixtures/cert_inhibit.pem +24 -0
data/spec/fixtures/cert_name_constraints.pem +29 -0
data/spec/fixtures/cert_not_yet_valid.pem +0 -0
data/spec/fixtures/cert_ocsp_no_check.pem +18 -0
data/spec/fixtures/cert_policy_constraints.pem +31 -0
data/spec/fixtures/cert_san.pem +0 -0
data/spec/fixtures/cert_san2.pem +0 -0
data/spec/fixtures/cert_unknown_extension.pem +28 -0
data/spec/fixtures/config_pool_test_minimal.yaml +11 -11
data/spec/fixtures/config_test.yaml +54 -36
data/spec/fixtures/config_test_dsa.yaml +35 -0
data/spec/fixtures/config_test_ec.yaml +35 -0
data/spec/fixtures/config_test_engine_key.yaml +5 -5
data/spec/fixtures/config_test_engine_no_key_name.yaml +4 -4
data/spec/fixtures/config_test_minimal.yaml +4 -4
data/spec/fixtures/config_test_password.yaml +5 -5
data/spec/fixtures/config_test_various.yaml +111 -74
data/spec/fixtures/crl_list_file.txt +0 -0
data/spec/fixtures/crl_with_reason.pem +0 -0
data/spec/fixtures/csr1.der +0 -0
data/spec/fixtures/csr1.pem +0 -0
data/spec/fixtures/csr1_key.der +0 -0
data/spec/fixtures/csr1_key.pem +0 -0
data/spec/fixtures/csr1_key_encrypted_des3.pem +0 -0
data/spec/fixtures/csr1_newlines.pem +0 -0
data/spec/fixtures/csr1_no_begin_end.pem +0 -0
data/spec/fixtures/csr1_public_key_modulus.txt +0 -0
data/spec/fixtures/csr2.pem +0 -0
data/spec/fixtures/csr2_key.pem +0 -0
data/spec/fixtures/csr3.pem +0 -0
data/spec/fixtures/csr4.pem +0 -0
data/spec/fixtures/csr_dsa.pem +0 -0
data/spec/fixtures/csr_invalid_signature.pem +0 -0
data/spec/fixtures/dsa_key.pem +0 -0
data/spec/fixtures/dsa_root.cer +28 -0
data/spec/fixtures/dsa_root.key +20 -0
data/spec/fixtures/ec_csr2.der +0 -0
data/spec/fixtures/ec_csr2.pem +8 -0
data/spec/fixtures/ec_key1.der +0 -0
data/spec/fixtures/ec_key1.pem +6 -0
data/spec/fixtures/ec_key1_encrypted.pem +9 -0
data/spec/fixtures/ec_key2.pem +6 -0
data/spec/fixtures/hmacsha1.sig +1 -0
data/spec/fixtures/hmacsha512.sig +1 -0
data/spec/fixtures/key4.pem +0 -0
data/spec/fixtures/key4_encrypted_des3.pem +0 -0
data/spec/fixtures/missing_key_identifier_ca.cer +0 -0
data/spec/fixtures/missing_key_identifier_ca.key +0 -0
data/spec/fixtures/ocsptest.r509.local.pem +0 -0
data/spec/fixtures/ocsptest.r509.local_ocsp_request.der +0 -0
data/spec/fixtures/ocsptest2.r509.local.pem +0 -0
data/spec/fixtures/second_ca.cer +0 -0
data/spec/fixtures/second_ca.key +0 -0
data/spec/fixtures/spkac.der +0 -0
data/spec/fixtures/spkac.txt +0 -0
data/spec/fixtures/spkac_dsa.txt +1 -1
data/spec/fixtures/spkac_dsa_no_verify.txt +1 -0
data/spec/fixtures/spkac_ec.txt +1 -0
data/spec/fixtures/spkac_rsa_newlines.txt +13 -0
data/spec/fixtures/stca.pem +0 -0
data/spec/fixtures/stca_ocsp_request.der +0 -0
data/spec/fixtures/stca_ocsp_response.der +0 -0
data/spec/fixtures/test1.csr +0 -0
data/spec/fixtures/test_ca.cer +0 -0
data/spec/fixtures/test_ca.key +0 -0
data/spec/fixtures/test_ca.p12 +0 -0
data/spec/fixtures/test_ca_des3.key +0 -0
data/spec/fixtures/test_ca_ec.cer +14 -0
data/spec/fixtures/test_ca_ec.key +6 -0
data/spec/fixtures/test_ca_ec_ee.cer +22 -0
data/spec/fixtures/test_ca_ec_ee.key +6 -0
data/spec/fixtures/test_ca_ocsp.cer +0 -0
data/spec/fixtures/test_ca_ocsp.key +0 -0
data/spec/fixtures/test_ca_ocsp.p12 +0 -0
data/spec/fixtures/test_ca_ocsp_chain.txt +0 -0
data/spec/fixtures/test_ca_ocsp_response.der +0 -0
data/spec/fixtures/test_ca_subroot.cer +0 -0
data/spec/fixtures/test_ca_subroot.key +0 -0
data/spec/fixtures/test_ca_subroot_ocsp.cer +0 -0
data/spec/fixtures/test_ca_subroot_ocsp.key +0 -0
data/spec/fixtures/test_ca_subroot_ocsp_response.der +0 -0
data/spec/fixtures/unknown_oid.csr +0 -0
data/spec/message_digest_spec.rb +104 -84
data/spec/ocsp_spec.rb +105 -105
data/spec/oid_mapper_spec.rb +21 -21
data/spec/private_key_spec.rb +275 -0
data/spec/r509_spec.rb +35 -0
data/spec/spec_helper.rb +15 -6
data/spec/spki_spec.rb +221 -142
data/spec/subject_spec.rb +232 -164
data/spec/validity_spec.rb +91 -91
metadata +79 -25
data/doc/R509/Config/CaProfile.html +0 -651
data/doc/R509/Crl/Administrator.html +0 -2073
data/lib/r509/certificateauthority.rb +0 -290
data/lib/r509/messagedigest.rb +0 -49
data/lib/r509/oidmapper.rb +0 -32
data/lib/r509/privatekey.rb +0 -185
data/spec/privatekey_spec.rb +0 -198

data/doc/R509/ASN1/UserNotice.html ADDED Viewed

@@ -0,0 +1,386 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>
+  Class: R509::ASN1::UserNotice
+    &mdash; Documentation by YARD 0.8.5
+</title>
+  <link rel="stylesheet" href="../../css/style.css" type="text/css" media="screen" charset="utf-8" />
+  <link rel="stylesheet" href="../../css/common.css" type="text/css" media="screen" charset="utf-8" />
+<script type="text/javascript" charset="utf-8">
+  hasFrames = window.top.frames.main ? true : false;
+  relpath = '../../';
+  framesUrl = "../../frames.html#!" + escape(window.location.href);
+</script>
+  <script type="text/javascript" charset="utf-8" src="../../js/jquery.js"></script>
+  <script type="text/javascript" charset="utf-8" src="../../js/app.js"></script>
+  </head>
+  <body>
+    <div id="header">
+      <div id="menu">
+    <a href="../../_index.html">Index (U)</a> &raquo;
+    <span class='title'><span class='object_link'><a href="../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../ASN1.html" title="R509::ASN1 (module)">ASN1</a></span></span>
+     &raquo;
+    <span class="title">UserNotice</span>
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+      <div id="search">
+    <a class="full_list_link" id="class_list_link"
+        href="../../class_list.html">
+      Class List
+    </a>
+    <a class="full_list_link" id="method_list_link"
+        href="../../method_list.html">
+      Method List
+    </a>
+    <a class="full_list_link" id="file_list_link"
+        href="../../file_list.html">
+      File List
+    </a>
+</div>
+      <div class="clear"></div>
+    </div>
+    <iframe id="search_frame"></iframe>
+    <div id="content"><h1>Class: R509::ASN1::UserNotice
+</h1>
+<dl class="box">
+    <dt class="r1">Inherits:</dt>
+    <dd class="r1">
+      <span class="inheritName">Object</span>
+        <ul class="fullTree">
+          <li>Object</li>
+            <li class="next">R509::ASN1::UserNotice</li>
+        </ul>
+        <a href="#" class="inheritanceTree">show all</a>
+      </dd>
+    <dt class="r2 last">Defined in:</dt>
+    <dd class="r2 last">lib/r509/asn1.rb</dd>
+</dl>
+<div class="clear"></div>
+<h2>Overview</h2><div class="docstring">
+  <div class="discussion">
+<p>UserNotice ::= SEQUENCE {</p>
+<pre class="code ruby"><code class="ruby">noticeRef        NoticeReference OPTIONAL,
+explicitText     DisplayText OPTIONAL }</code></pre>
+  </div>
+</div>
+<div class="tags">
+</div>
+  <h2>Instance Attribute Summary <small>(<a href="#" class="summary_toggle">collapse</a>)</small></h2>
+  <ul class="summary">
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#explicit_text-instance_method" title="#explicit_text (instance method)">- (Object) <strong>explicit_text</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute explicit_text.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#notice_reference-instance_method" title="#notice_reference (instance method)">- (Object) <strong>notice_reference</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute notice_reference.</p>
+</div></span>
+</li>
+  </ul>
+    <h2>
+      Instance Method Summary
+      <small>(<a href="#" class="summary_toggle">collapse</a>)</small>
+    </h2>
+    <ul class="summary">
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#initialize-instance_method" title="#initialize (instance method)">- (UserNotice) <strong>initialize</strong>(data) </a>
+  </span>
+    <span class="note title constructor">constructor</span>
+    <span class="summary_desc"><div class='inline'>
+<p>A new instance of UserNotice.</p>
+</div></span>
+</li>
+    </ul>
+<div id="constructor_details" class="method_details_list">
+  <h2>Constructor Details</h2>
+    <div class="method_details first">
+  <h3 class="signature first" id="initialize-instance_method">
+    - (<tt><span class='object_link'><a href="" title="R509::ASN1::UserNotice (class)">UserNotice</a></span></tt>) <strong>initialize</strong>(data)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>A new instance of UserNotice</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+340
+341
+342
+343
+344
+345
+346
+347
+348
+349
+350</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/asn1.rb', line 340</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_qualifier'>qualifier</span><span class='op'>|</span>
+    <span class='comment'>#if we find another sequence, that's a noticeReference, otherwise it's explicitText
+</span>    <span class='kw'>if</span> <span class='id identifier rubyid_qualifier'>qualifier</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>Sequence</span><span class='rparen'>)</span>
+      <span class='ivar'>@notice_reference</span> <span class='op'>=</span> <span class='const'>NoticeReference</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_qualifier'>qualifier</span><span class='rparen'>)</span>
+    <span class='kw'>else</span>
+      <span class='ivar'>@explicit_text</span> <span class='op'>=</span> <span class='id identifier rubyid_qualifier'>qualifier</span><span class='period'>.</span><span class='id identifier rubyid_value'>value</span>
+    <span class='kw'>end</span>
+  <span class='kw'>end</span> <span class='kw'>if</span> <span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:each</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+</div>
+  <div id="instance_attr_details" class="attr_details">
+    <h2>Instance Attribute Details</h2>
+      <span id=""></span>
+      <div class="method_details first">
+  <h3 class="signature first" id="explicit_text-instance_method">
+    - (<tt>Object</tt>) <strong>explicit_text</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute explicit_text</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+339
+340
+341</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/asn1.rb', line 339</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_explicit_text'>explicit_text</span>
+  <span class='ivar'>@explicit_text</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="notice_reference-instance_method">
+    - (<tt>Object</tt>) <strong>notice_reference</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute notice_reference</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+339
+340
+341</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/asn1.rb', line 339</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_notice_reference'>notice_reference</span>
+  <span class='ivar'>@notice_reference</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+</div>
+    <div id="footer">
+  Generated on Tue Apr 16 10:49:56 2013 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.8.5 (ruby-1.9.3).
+</div>
+  </body>
+</html>

data/doc/R509/{Crl.html → CRL.html} RENAMED Viewed

@@ -4,9 +4,9 @@
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 <title>
-  Module: R509::Crl
+  Module: R509::CRL
-    &mdash; Documentation by YARD 0.8.2.1
+    &mdash; Documentation by YARD 0.8.5
 </title>
@@ -34,7 +34,7 @@
     <a href="../_index.html">Index (C)</a> &raquo;
     <span class='title'><span class='object_link'><a href="../R509.html" title="R509 (module)">R509</a></span></span>
      &raquo;
-    <span class="title">Crl</span>
+    <span class="title">CRL</span>
   <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
@@ -63,7 +63,7 @@
     <iframe id="search_frame"></iframe>
-    <div id="content"><h1>Module: R509::Crl
+    <div id="content"><h1>Module: R509::CRL
@@ -101,7 +101,7 @@
-      <strong class="classes">Classes:</strong> <span class='object_link'><a href="Crl/Administrator.html" title="R509::Crl::Administrator (class)">Administrator</a></span>, <span class='object_link'><a href="Crl/Parser.html" title="R509::Crl::Parser (class)">Parser</a></span>
+      <strong class="classes">Classes:</strong> <span class='object_link'><a href="CRL/Administrator.html" title="R509::CRL::Administrator (class)">Administrator</a></span>, <span class='object_link'><a href="CRL/SignedList.html" title="R509::CRL::SignedList (class)">SignedList</a></span>
 </p>
@@ -117,9 +117,9 @@
 </div>
     <div id="footer">
-  Generated on Thu Nov  8 14:19:24 2012 by
+  Generated on Tue Apr 16 10:49:55 2013 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.8.2.1 (ruby-1.9.3).
+  0.8.5 (ruby-1.9.3).
 </div>
   </body>

data/doc/R509/CRL/Administrator.html ADDED Viewed

@@ -0,0 +1,1559 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>
+  Class: R509::CRL::Administrator
+    &mdash; Documentation by YARD 0.8.5
+</title>
+  <link rel="stylesheet" href="../../css/style.css" type="text/css" media="screen" charset="utf-8" />
+  <link rel="stylesheet" href="../../css/common.css" type="text/css" media="screen" charset="utf-8" />
+<script type="text/javascript" charset="utf-8">
+  hasFrames = window.top.frames.main ? true : false;
+  relpath = '../../';
+  framesUrl = "../../frames.html#!" + escape(window.location.href);
+</script>
+  <script type="text/javascript" charset="utf-8" src="../../js/jquery.js"></script>
+  <script type="text/javascript" charset="utf-8" src="../../js/app.js"></script>
+  </head>
+  <body>
+    <div id="header">
+      <div id="menu">
+    <a href="../../_index.html">Index (A)</a> &raquo;
+    <span class='title'><span class='object_link'><a href="../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../CRL.html" title="R509::CRL (module)">CRL</a></span></span>
+     &raquo;
+    <span class="title">Administrator</span>
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+      <div id="search">
+    <a class="full_list_link" id="class_list_link"
+        href="../../class_list.html">
+      Class List
+    </a>
+    <a class="full_list_link" id="method_list_link"
+        href="../../method_list.html">
+      Method List
+    </a>
+    <a class="full_list_link" id="file_list_link"
+        href="../../file_list.html">
+      File List
+    </a>
+</div>
+      <div class="clear"></div>
+    </div>
+    <iframe id="search_frame"></iframe>
+    <div id="content"><h1>Class: R509::CRL::Administrator
+</h1>
+<dl class="box">
+    <dt class="r1">Inherits:</dt>
+    <dd class="r1">
+      <span class="inheritName">Object</span>
+        <ul class="fullTree">
+          <li>Object</li>
+            <li class="next">R509::CRL::Administrator</li>
+        </ul>
+        <a href="#" class="inheritanceTree">show all</a>
+      </dd>
+      <dt class="r2">Includes:</dt>
+      <dd class="r2"><span class='object_link'><a href="../IOHelpers.html" title="R509::IOHelpers (module)">IOHelpers</a></span></dd>
+    <dt class="r1 last">Defined in:</dt>
+    <dd class="r1 last">lib/r509/crl.rb</dd>
+</dl>
+<div class="clear"></div>
+<h2>Overview</h2><div class="docstring">
+  <div class="discussion">
+<p>Used to manage revocations and generate CRLs</p>
+  </div>
+</div>
+<div class="tags">
+</div>
+  <h2>Instance Attribute Summary <small>(<a href="#" class="summary_toggle">collapse</a>)</small></h2>
+  <ul class="summary">
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#crl-instance_method" title="#crl (instance method)">- (Object) <strong>crl</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute crl.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#crl_list_file-instance_method" title="#crl_list_file (instance method)">- (Object) <strong>crl_list_file</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute crl_list_file.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#crl_number-instance_method" title="#crl_number (instance method)">- (Object) <strong>crl_number</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute crl_number.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#crl_number_file-instance_method" title="#crl_number_file (instance method)">- (Object) <strong>crl_number_file</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute crl_number_file.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#validity_hours-instance_method" title="#validity_hours (instance method)">- (Object) <strong>validity_hours</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute validity_hours.</p>
+</div></span>
+</li>
+  </ul>
+    <h2>
+      Instance Method Summary
+      <small>(<a href="#" class="summary_toggle">collapse</a>)</small>
+    </h2>
+    <ul class="summary">
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#generate_crl-instance_method" title="#generate_crl (instance method)">- (String) <strong>generate_crl</strong> </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Remove serial from revocation list.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#initialize-instance_method" title="#initialize (instance method)">- (Administrator) <strong>initialize</strong>(config) </a>
+  </span>
+    <span class="note title constructor">constructor</span>
+    <span class="summary_desc"><div class='inline'>
+<p>A new instance of Administrator.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#revoke_cert-instance_method" title="#revoke_cert (instance method)">- (Object) <strong>revoke_cert</strong>(serial, reason = nil, revoke_time = Time.now.to_i, generate_and_save = true) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Adds a certificate to the revocation list.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#revoked%3F-instance_method" title="#revoked? (instance method)">- (Boolean) <strong>revoked?</strong>(serial) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Indicates whether the serial number has been revoked, or not.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#revoked_cert-instance_method" title="#revoked_cert (instance method)">- (Array) <strong>revoked_cert</strong>(serial) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Serial, reason, revoke_time tuple.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#revoked_certs-instance_method" title="#revoked_certs (instance method)">- (Array&lt;Array&gt;) <strong>revoked_certs</strong> </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns an array of serial, reason, revoke_time tuples.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#save_crl_list-instance_method" title="#save_crl_list (instance method)">- (Object) <strong>save_crl_list</strong>(filename_or_io = @crl_list_file) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Saves the CRL list to a filename or IO.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#save_crl_number-instance_method" title="#save_crl_number (instance method)">- (Object) <strong>save_crl_number</strong>(filename_or_io = @crl_number_file) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Save the CRL number to a filename or IO.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#unrevoke_cert-instance_method" title="#unrevoke_cert (instance method)">- (Object) <strong>unrevoke_cert</strong>(serial) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Remove serial from revocation list.</p>
+</div></span>
+</li>
+    </ul>
+  <h3 class="inherited">Methods included from <span class='object_link'><a href="../IOHelpers.html" title="R509::IOHelpers (module)">IOHelpers</a></span></h3>
+  <p class="inherited"><span class='object_link'><a href="../IOHelpers.html#read_data-instance_method" title="R509::IOHelpers#read_data (method)">#read_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#read_data-class_method" title="R509::IOHelpers.read_data (method)">read_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#write_data-instance_method" title="R509::IOHelpers#write_data (method)">#write_data</a></span>, <span class='object_link'><a href="../IOHelpers.html#write_data-class_method" title="R509::IOHelpers.write_data (method)">write_data</a></span></p>
+<div id="constructor_details" class="method_details_list">
+  <h2>Constructor Details</h2>
+    <div class="method_details first">
+  <h3 class="signature first" id="initialize-instance_method">
+    - (<tt><span class='object_link'><a href="" title="R509::CRL::Administrator (class)">Administrator</a></span></tt>) <strong>initialize</strong>(config)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>A new instance of Administrator</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>config</span>
+        <span class='type'>(<tt><span class='object_link'><a href="../Config/CAConfig.html" title="R509::Config::CAConfig (class)">R509::Config::CAConfig</a></span></tt>)</span>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+141
+142
+143
+144
+145
+146
+147
+148
+149
+150
+151
+152
+153
+154
+155
+156
+157
+158
+159
+160
+161
+162</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 141</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_config'>config</span><span class='rparen'>)</span>
+  <span class='ivar'>@config</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span>
+  <span class='kw'>unless</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CAConfig</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>config must be a kind of R509::Config::CAConfig</span><span class='tstring_end'>&quot;</span></span>
+  <span class='kw'>end</span>
+  <span class='ivar'>@validity_hours</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_validity_hours'>crl_validity_hours</span>
+  <span class='ivar'>@start_skew_seconds</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_start_skew_seconds'>crl_start_skew_seconds</span>
+  <span class='ivar'>@crl</span> <span class='op'>=</span> <span class='kw'>nil</span>
+  <span class='ivar'>@crl_number_file</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_number_file'>crl_number_file</span>
+  <span class='kw'>if</span> <span class='kw'>not</span> <span class='ivar'>@crl_number_file</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+    <span class='ivar'>@crl_number</span> <span class='op'>=</span> <span class='id identifier rubyid_read_data'>read_data</span><span class='lparen'>(</span><span class='ivar'>@crl_number_file</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+  <span class='kw'>else</span>
+    <span class='ivar'>@crl_number</span> <span class='op'>=</span> <span class='int'>0</span>
+  <span class='kw'>end</span>
+  <span class='ivar'>@crl_list_file</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_crl_list_file'>crl_list_file</span>
+  <span class='id identifier rubyid_load_crl_list'>load_crl_list</span><span class='lparen'>(</span><span class='ivar'>@crl_list_file</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+</div>
+  <div id="instance_attr_details" class="attr_details">
+    <h2>Instance Attribute Details</h2>
+      <span id=""></span>
+      <div class="method_details first">
+  <h3 class="signature first" id="crl-instance_method">
+    - (<tt>Object</tt>) <strong>crl</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute crl</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+138
+139
+140</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 138</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_crl'>crl</span>
+  <span class='ivar'>@crl</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="crl_list_file-instance_method">
+    - (<tt>Object</tt>) <strong>crl_list_file</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute crl_list_file</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+138
+139
+140</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 138</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_crl_list_file'>crl_list_file</span>
+  <span class='ivar'>@crl_list_file</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="crl_number-instance_method">
+    - (<tt>Object</tt>) <strong>crl_number</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute crl_number</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+138
+139
+140</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 138</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_crl_number'>crl_number</span>
+  <span class='ivar'>@crl_number</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="crl_number_file-instance_method">
+    - (<tt>Object</tt>) <strong>crl_number_file</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute crl_number_file</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+138
+139
+140</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 138</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_crl_number_file'>crl_number_file</span>
+  <span class='ivar'>@crl_number_file</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="validity_hours-instance_method">
+    - (<tt>Object</tt>) <strong>validity_hours</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute validity_hours</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+138
+139
+140</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 138</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_validity_hours'>validity_hours</span>
+  <span class='ivar'>@validity_hours</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+  <div id="instance_method_details" class="method_details_list">
+    <h2>Instance Method Details</h2>
+      <div class="method_details first">
+  <h3 class="signature first" id="generate_crl-instance_method">
+    - (<tt>String</tt>) <strong>generate_crl</strong>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Remove serial from revocation list</p>
+  </div>
+</div>
+<div class="tags">
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>PEM encoded signed CRL</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+228
+229
+230
+231
+232
+233
+234
+235
+236
+237
+238
+239
+240
+241
+242
+243
+244
+245
+246
+247
+248
+249
+250
+251
+252
+253
+254
+255
+256
+257
+258
+259
+260
+261
+262
+263
+264</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 228</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_generate_crl'>generate_crl</span>
+  <span class='id identifier rubyid_crl'>crl</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>CRL</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_version'>version</span> <span class='op'>=</span> <span class='int'>1</span>
+  <span class='id identifier rubyid_now'>now</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_at'>at</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_last_update'>last_update</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span><span class='op'>-</span><span class='ivar'>@start_skew_seconds</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_next_update'>next_update</span> <span class='op'>=</span> <span class='id identifier rubyid_now'>now</span><span class='op'>+</span><span class='ivar'>@validity_hours</span><span class='op'>*</span><span class='int'>3600</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_name'>name</span>
+  <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_revoked_certs'>revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>|</span>
+    <span class='id identifier rubyid_revoked'>revoked</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Revoked</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+    <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_serial'>serial</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>BN</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='id identifier rubyid_serial'>serial</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
+    <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_time'>time</span> <span class='op'>=</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_at'>at</span><span class='lparen'>(</span><span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='rparen'>)</span>
+    <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+      <span class='id identifier rubyid_enum'>enum</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>Enumerated</span><span class='lparen'>(</span><span class='id identifier rubyid_reason'>reason</span><span class='rparen'>)</span> <span class='comment'>#see reason codes below
+</span>      <span class='id identifier rubyid_ext'>ext</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Extension</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>CRLReason</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_enum'>enum</span><span class='rparen'>)</span>
+      <span class='id identifier rubyid_revoked'>revoked</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_ext'>ext</span><span class='rparen'>)</span>
+    <span class='kw'>end</span>
+    <span class='comment'>#now add it to the crl
+</span>    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_revoked'>add_revoked</span><span class='lparen'>(</span><span class='id identifier rubyid_revoked'>revoked</span><span class='rparen'>)</span>
+  <span class='kw'>end</span>
+  <span class='id identifier rubyid_ef'>ef</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>ExtensionFactory</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+  <span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_issuer_certificate'>issuer_certificate</span> <span class='op'>=</span> <span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span>
+  <span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_crl'>crl</span> <span class='op'>=</span> <span class='id identifier rubyid_crl'>crl</span>
+  <span class='comment'>#grab crl number from file, increment, write back
+</span>  <span class='id identifier rubyid_crl_number'>crl_number</span> <span class='op'>=</span> <span class='id identifier rubyid_increment_crl_number'>increment_crl_number</span>
+  <span class='id identifier rubyid_crlnum'>crlnum</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>ASN1</span><span class='op'>::</span><span class='const'>Integer</span><span class='lparen'>(</span><span class='id identifier rubyid_crl_number'>crl_number</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Extension</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>crlNumber</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_crlnum'>crlnum</span><span class='rparen'>)</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_extensions'>extensions</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
+  <span class='id identifier rubyid_extensions'>extensions</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>authorityKeyIdentifier</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>keyid:always,issuer:always</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span>
+  <span class='id identifier rubyid_extensions'>extensions</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span><span class='lbrace'>{</span><span class='op'>|</span><span class='id identifier rubyid_oid'>oid</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_critical'>critical</span><span class='op'>|</span>
+    <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_add_extension'>add_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_ef'>ef</span><span class='period'>.</span><span class='id identifier rubyid_create_extension'>create_extension</span><span class='lparen'>(</span><span class='id identifier rubyid_oid'>oid</span><span class='comma'>,</span> <span class='id identifier rubyid_value'>value</span><span class='comma'>,</span> <span class='id identifier rubyid_critical'>critical</span><span class='rparen'>)</span><span class='rparen'>)</span>
+  <span class='rbrace'>}</span>
+  <span class='id identifier rubyid_crl'>crl</span><span class='period'>.</span><span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span><span class='ivar'>@config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='comma'>,</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
+  <span class='ivar'>@crl</span> <span class='op'>=</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>CRL</span><span class='op'>::</span><span class='const'>SignedList</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='id identifier rubyid_crl'>crl</span>
+  <span class='ivar'>@crl</span><span class='period'>.</span><span class='id identifier rubyid_to_pem'>to_pem</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="revoke_cert-instance_method">
+    - (<tt>Object</tt>) <strong>revoke_cert</strong>(serial, reason = nil, revoke_time = Time.now.to_i, generate_and_save = true)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Adds a certificate to the revocation list. After calling you must call
+generate_crl to sign a new CRL</p>
+<p>reason codes defined by rfc 5280</p>
+<p>CRLReason ::= ENUMERATED {</p>
+<pre class="code ruby"><code class="ruby">unspecified       (0),
+keyCompromise       (1),
+cACompromise        (2),
+affiliationChanged    (3),
+superseded        (4),
+cessationOfOperation    (5),
+certificateHold     (6),
+removeFromCRL       (8),
+privilegeWithdrawn    (9),
+aACompromise       (10) }</code></pre>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>serial</span>
+        <span class='type'>(<tt>Integer</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>serial number of the certificate to revoke</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>reason</span>
+        <span class='type'>(<tt>Integer</tt>)</span>
+        <em class="default">(defaults to: <tt>nil</tt>)</em>
+        &mdash;
+        <div class='inline'>
+<p>reason for revocation</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>revoke_time</span>
+        <span class='type'>(<tt>Integer</tt>)</span>
+        <em class="default">(defaults to: <tt>Time.now.to_i</tt>)</em>
+    </li>
+    <li>
+        <span class='name'>generate_and_save</span>
+        <span class='type'>(<tt>Boolean</tt>)</span>
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+        &mdash;
+        <div class='inline'>
+<p>whether we want to generate the CRL and save its file (default=true)</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+197
+198
+199
+200
+201
+202
+203
+204
+205
+206
+207
+208
+209
+210
+211
+212
+213</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 197</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_revoke_cert'>revoke_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span><span class='id identifier rubyid_reason'>reason</span><span class='op'>=</span><span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>=</span><span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='comma'>,</span> <span class='id identifier rubyid_generate_and_save'>generate_and_save</span><span class='op'>=</span><span class='kw'>true</span><span class='rparen'>)</span>
+  <span class='kw'>if</span> <span class='kw'>not</span> <span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='period'>.</span><span class='id identifier rubyid_between?'>between?</span><span class='lparen'>(</span><span class='int'>0</span><span class='comma'>,</span><span class='int'>10</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_reason'>reason</span> <span class='op'>=</span> <span class='int'>0</span>
+  <span class='kw'>end</span>
+  <span class='id identifier rubyid_serial'>serial</span> <span class='op'>=</span> <span class='id identifier rubyid_serial'>serial</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+  <span class='id identifier rubyid_reason'>reason</span> <span class='op'>=</span> <span class='id identifier rubyid_reason'>reason</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+  <span class='id identifier rubyid_revoke_time'>revoke_time</span> <span class='op'>=</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
+  <span class='kw'>if</span> <span class='id identifier rubyid_revoked?'>revoked?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Cannot revoke a previously revoked certificate</span><span class='tstring_end'>&quot;</span></span>
+  <span class='kw'>end</span>
+  <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='symbol'>:reason</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='symbol'>:revoke_time</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='rbrace'>}</span>
+  <span class='kw'>if</span> <span class='id identifier rubyid_generate_and_save'>generate_and_save</span>
+    <span class='id identifier rubyid_generate_crl'>generate_crl</span>
+    <span class='id identifier rubyid_save_crl_list'>save_crl_list</span>
+  <span class='kw'>end</span>
+  <span class='kw'>nil</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="revoked?-instance_method">
+    - (<tt>Boolean</tt>) <strong>revoked?</strong>(serial)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Indicates whether the serial number has been revoked, or not.</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>serial</span>
+        <span class='type'>(<tt>Integer</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>The serial number we want to check</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Boolean</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>True if the serial number was revoked. False, otherwise.</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+168
+169
+170</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 168</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_revoked?'>revoked?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+  <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_has_key?'>has_key?</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="revoked_cert-instance_method">
+    - (<tt>Array</tt>) <strong>revoked_cert</strong>(serial)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Serial, reason, revoke_time tuple</p>
+  </div>
+</div>
+<div class="tags">
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Array</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>serial, reason, revoke_time tuple</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+173
+174
+175</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 173</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_revoked_cert'>revoked_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+  <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="revoked_certs-instance_method">
+    - (<tt>Array&lt;Array&gt;</tt>) <strong>revoked_certs</strong>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns an array of serial, reason, revoke_time tuples.</p>
+  </div>
+</div>
+<div class="tags">
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Array&lt;Array&gt;</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>Returns an array of serial, reason, revoke_time tuples.</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+268
+269
+270
+271
+272
+273
+274</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 268</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_revoked_certs'>revoked_certs</span>
+  <span class='id identifier rubyid_ret'>ret</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
+  <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_keys'>keys</span><span class='period'>.</span><span class='id identifier rubyid_sort'>sort</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='op'>|</span>
+    <span class='id identifier rubyid_ret'>ret</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:reason</span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='ivar'>@revoked_certs</span><span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:revoke_time</span><span class='rbracket'>]</span><span class='rbracket'>]</span>
+  <span class='kw'>end</span>
+  <span class='id identifier rubyid_ret'>ret</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="save_crl_list-instance_method">
+    - (<tt>Object</tt>) <strong>save_crl_list</strong>(filename_or_io = @crl_list_file)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Saves the CRL list to a filename or IO. If the class was initialized with
+:crl_list_file, then the filename specified by that will be used by
+default.</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>filename_or_io</span>
+        <span class='type'>(<tt>String</tt>, <tt>#write</tt>, <tt>nil</tt>)</span>
+        <em class="default">(defaults to: <tt>@crl_list_file</tt>)</em>
+        &mdash;
+        <div class='inline'>
+<p>If provided, the generated crl will be written to either the file (if a
+string), or IO. If nil, then the @crl_list_file will be used. If that is
+nil, then an error will be raised.</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+283
+284
+285
+286
+287
+288
+289
+290
+291
+292</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 283</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_save_crl_list'>save_crl_list</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span> <span class='op'>=</span> <span class='ivar'>@crl_list_file</span><span class='rparen'>)</span>
+  <span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>if</span> <span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+  <span class='id identifier rubyid_data'>data</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
+  <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_revoked_certs'>revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='op'>|</span>
+    <span class='id identifier rubyid_data'>data</span> <span class='op'>&lt;&lt;</span> <span class='lbracket'>[</span><span class='id identifier rubyid_serial'>serial</span><span class='comma'>,</span> <span class='id identifier rubyid_revoke_time'>revoke_time</span><span class='comma'>,</span> <span class='id identifier rubyid_reason'>reason</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>'</span><span class='tstring_content'>,</span><span class='tstring_end'>'</span></span><span class='rparen'>)</span>
+  <span class='kw'>end</span>
+  <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='rparen'>)</span>
+  <span class='kw'>nil</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="save_crl_number-instance_method">
+    - (<tt>Object</tt>) <strong>save_crl_number</strong>(filename_or_io = @crl_number_file)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Save the CRL number to a filename or IO. If the class was initialized with
+:crl_number_file, then the filename specified by that will be used by
+default.</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>filename_or_io</span>
+        <span class='type'>(<tt>String</tt>, <tt>#write</tt>, <tt>nil</tt>)</span>
+        <em class="default">(defaults to: <tt>@crl_number_file</tt>)</em>
+        &mdash;
+        <div class='inline'>
+<p>If provided, the current crl number will be written to either the file (if
+a string), or IO. If nil, then the @crl_number_file will be used. If that
+is nil, then an error will be raised.</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+301
+302
+303
+304
+305
+306
+307</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 301</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_save_crl_number'>save_crl_number</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span> <span class='op'>=</span> <span class='ivar'>@crl_number_file</span><span class='rparen'>)</span>
+  <span class='kw'>return</span> <span class='kw'>nil</span> <span class='kw'>if</span> <span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+  <span class='comment'># No valid filename or IO was specified, so bail.
+</span>
+  <span class='id identifier rubyid_write_data'>write_data</span><span class='lparen'>(</span><span class='id identifier rubyid_filename_or_io'>filename_or_io</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_crl_number'>crl_number</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rparen'>)</span>
+  <span class='kw'>nil</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="unrevoke_cert-instance_method">
+    - (<tt>Object</tt>) <strong>unrevoke_cert</strong>(serial)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Remove serial from revocation list. After unrevoking you must call
+generate_crl to sign a new CRL</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>serial</span>
+        <span class='type'>(<tt>Integer</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>serial number of the certificate to remove from revocation</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+218
+219
+220
+221
+222
+223</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/crl.rb', line 218</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_unrevoke_cert'>unrevoke_cert</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+  <span class='ivar'>@revoked_certs</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='id identifier rubyid_serial'>serial</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_generate_crl'>generate_crl</span>
+  <span class='id identifier rubyid_save_crl_list'>save_crl_list</span>
+  <span class='kw'>nil</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+</div>
+    <div id="footer">
+  Generated on Tue Apr 16 10:49:56 2013 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.8.5 (ruby-1.9.3).
+</div>
+  </body>
+</html>