post review #124 - mostly to follow JRuby ext best-practices + dry-out

Author: kares

src/main/java/org/jruby/ext/openssl/OCSP.java

@@ -204,7 +204,7 @@ public static String getResponseStringForValue(IRubyObject fixnum) {
         return responseMap.get((int)rubyFixnum.getLongValue());
     }
 
-    public static RaiseException newOCSPError(Ruby runtime, Exception ex) {
+    static RaiseException newOCSPError(Ruby runtime, Exception ex) {
         return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), ex);
     }
 

src/main/java/org/jruby/ext/openssl/OCSPBasicResponse.java

@@ -83,6 +83,7 @@
 
 import static org.jruby.ext.openssl.Digest._Digest;
 import static org.jruby.ext.openssl.OCSP._OCSP;
+import static org.jruby.ext.openssl.OCSP.newOCSPError;
 import static org.jruby.ext.openssl.X509._X509;
 
 import java.io.IOException;
@@ -105,6 +106,7 @@
  */
 public class OCSPBasicResponse extends RubyObject {
     private static final long serialVersionUID = 8755480816625884227L;
+
     private static final String OCSP_NOCERTS = "NOCERTS";
     private static final String OCSP_NOCHAIN = "NOCHAIN";
     private static final String OCSP_NOCHECKS = "NOCHECKS";
@@ -121,9 +123,9 @@ public IRubyObject allocate(Ruby runtime, RubyClass klass) {
         }
     };
 
-    public static void createBasicResponse(final Ruby runtime, final RubyModule _OCSP) {
-        RubyClass _BasicResponse = _OCSP.defineClassUnder("BasicResponse", runtime.getObject(), BASICRESPONSE_ALLOCATOR);
-        _BasicResponse.defineAnnotatedMethods(OCSPBasicResponse.class);
+    public static void createBasicResponse(final Ruby runtime, final RubyModule OCSP) {
+        RubyClass BasicResponse = OCSP.defineClassUnder("BasicResponse", runtime.getObject(), BASICRESPONSE_ALLOCATOR);
+        BasicResponse.defineAnnotatedMethods(OCSPBasicResponse.class);
     }
 
     private byte[] nonce;
@@ -371,7 +373,7 @@ public IRubyObject sign(final ThreadContext context, IRubyObject[] args) {
 
     @JRubyMethod(name = "verify", rest = true)
     public IRubyObject verify(final ThreadContext context, IRubyObject[] args) {
-        Ruby runtime = getRuntime();
+        Ruby runtime = context.runtime;
         int flags = 0;
         IRubyObject certificates = args[0];
         IRubyObject store = args[1];
@@ -385,7 +387,7 @@ public IRubyObject verify(final ThreadContext context, IRubyObject[] args) {
         jcacvpb.setProvider("BC");
         BasicOCSPResp basicOCSPResp = getBasicOCSPResp();
 
-        java.security.cert.Certificate signer = findSignerCert(asn1BCBasicOCSPResp, convertRubyCerts(certificates), flags);
+        java.security.cert.Certificate signer = findSignerCert(context, asn1BCBasicOCSPResp, convertRubyCerts(certificates), flags);
         if ( signer == null ) return RubyBoolean.newBoolean(runtime, false);
         if ( (flags & RubyFixnum.fix2int((RubyFixnum)_OCSP(runtime).getConstant(OCSP_NOINTERN))) == 0 && 
                 (flags & RubyFixnum.fix2int((RubyFixnum)_OCSP(runtime).getConstant(OCSP_TRUSTOTHER))) != 0 ) {
@@ -426,10 +428,9 @@ else if (basicOCSPResp.getCerts() != null && (certificates != null && !((RubyArr
             RubyArray rUntrustedCerts = RubyArray.newEmptyArray(runtime);
             if (untrustedCerts != null) {
                 X509Cert[] rubyCerts = new X509Cert[untrustedCerts.size()];
-                untrustedCerts.toArray(rubyCerts);
-                rUntrustedCerts = RubyArray.newArray(runtime, rubyCerts);
+                rUntrustedCerts = RubyArray.newArray(runtime, untrustedCerts.toArray(rubyCerts));
             }
-            X509StoreContext ctx = null;
+            X509StoreContext ctx;
             try {
                 ctx = X509StoreContext.newStoreContext(context, (X509Store)store, X509Cert.wrap(runtime, signer), rUntrustedCerts);
             }
@@ -438,7 +439,7 @@ else if (basicOCSPResp.getCerts() != null && (certificates != null && !((RubyArr
             }
 
             ctx.set_purpose(context, _X509(runtime).getConstant("PURPOSE_OCSP_HELPER"));
-            ret = ((RubyBoolean)ctx.verify(context)).isTrue();
+            ret = ctx.verify(context).isTrue();
             IRubyObject chain = ctx.chain(context);
 
             if ((flags & RubyFixnum.fix2int((RubyFixnum)_OCSP(runtime).getConstant(OCSP_NOCHECKS))) > 0) {
@@ -473,20 +474,21 @@ else if (basicOCSPResp.getCerts() != null && (certificates != null && !((RubyArr
     }
 
     @JRubyMethod(name = "status")
-    public IRubyObject status() {
-        Ruby runtime = getRuntime();
-        RubyArray ret = RubyArray.newEmptyArray(runtime);
+    public IRubyObject status(ThreadContext context) {
+        final Ruby runtime = context.runtime;
+        RubyArray ret = RubyArray.newArray(runtime, singleResponses.size());
 
         for (OCSPSingleResponse resp : singleResponses) {
-            RubyArray respAry = RubyArray.newEmptyArray(runtime);
+            RubyArray respAry = RubyArray.newArray(runtime, 7);
 
-            respAry.add(resp.certid());
-            respAry.add(resp.cert_status());
-            respAry.add(resp.revocation_reason());
-            respAry.add(resp.revocation_time());
-            respAry.add(resp.this_update());
-            respAry.add(resp.next_update());
-            respAry.add(resp.extensions());
+            respAry.append(resp.certid(context));
+            respAry.append(resp.cert_status());
+            respAry.append(resp.revocation_reason());
+            respAry.append(resp.revocation_time());
+            respAry.append(resp.this_update());
+            respAry.append(resp.next_update());
+            respAry.append(resp.extensions());
+
             ret.add(respAry);
         }
 
@@ -496,7 +498,7 @@ public IRubyObject status() {
     @JRubyMethod(name = "to_der")
     public IRubyObject to_der() {
         Ruby runtime = getRuntime();
-        IRubyObject ret = null;
+        IRubyObject ret;
         try {
            ret = RubyString.newString(runtime, asn1BCBasicOCSPResp.getEncoded());
         }
@@ -630,16 +632,12 @@ private List<java.security.cert.Certificate> convertRubyCerts(IRubyObject certif
 
         return ret;
     }
-
-    private static RaiseException newOCSPError(Ruby runtime, Exception e) {
-        return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), e);
-    }    
 
-    private java.security.cert.Certificate findSignerCert(BasicOCSPResponse basicResp, List<java.security.cert.Certificate> certificates, int flags) {
-        Ruby runtime = getRuntime();
-        ThreadContext context = runtime.getCurrentContext();
+    private java.security.cert.Certificate findSignerCert(final ThreadContext context,
+        BasicOCSPResponse basicResp, List<java.security.cert.Certificate> certificates, int flags) {
+        final Ruby runtime = context.runtime;
         ResponderID respID = basicResp.getTbsResponseData().getResponderID();
-        java.security.cert.Certificate ret = null;
+        java.security.cert.Certificate ret;
         ret = findSignerByRespId(context, certificates, respID);
 
         if (ret == null && (flags & RubyFixnum.fix2int((RubyFixnum)_OCSP(runtime).getConstant(OCSP_NOINTERN))) == 0) {

src/main/java/org/jruby/ext/openssl/OCSPCertificateId.java

@@ -60,6 +60,7 @@
 
 import static org.jruby.ext.openssl.OCSP._OCSP;
 import static org.jruby.ext.openssl.Digest._Digest;
+import static org.jruby.ext.openssl.OCSP.newOCSPError;
 
 /**
  * An OpenSSL::OCSP::CertificateId identifies a certificate to the
@@ -314,8 +315,4 @@ public CertificateID getBCCertificateID() {
         return new CertificateID(bcCertId);
     }
 
-    private static RaiseException newOCSPError(Ruby runtime, Exception e) {
-        return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), e);
-    }
-
 }

src/main/java/org/jruby/ext/openssl/OCSPRequest.java

@@ -34,6 +34,8 @@
 
 import static org.jruby.ext.openssl.Digest._Digest;
 import static org.jruby.ext.openssl.OCSP._OCSP;
+import static org.jruby.ext.openssl.OCSP.newOCSPError;
+import static org.jruby.ext.openssl.OpenSSL.debugStackTrace;
 import static org.jruby.ext.openssl.X509._X509;
 
 import java.io.IOException;
@@ -205,15 +207,15 @@ public IRubyObject certid() {
     }
 
     @JRubyMethod(name = "check_nonce")
-    public IRubyObject check_nonce(IRubyObject response) {
-        Ruby runtime = getRuntime();
+    public IRubyObject check_nonce(ThreadContext context, IRubyObject response) {
+        final Ruby runtime = context.runtime;
         if (response instanceof OCSPBasicResponse) {
             OCSPBasicResponse rubyBasicRes = (OCSPBasicResponse) response;
             return checkNonceImpl(runtime, this.nonce, rubyBasicRes.getNonce());
         }
         else if (response instanceof OCSPResponse) {
             OCSPResponse rubyResp = (OCSPResponse) response;
-            return checkNonceImpl(runtime, this.nonce, ((OCSPBasicResponse)rubyResp.basic()).getNonce());
+            return checkNonceImpl(runtime, this.nonce, ((OCSPBasicResponse)rubyResp.basic(context)).getNonce());
         }
         else {
             return checkNonceImpl(runtime, this.nonce, null);
@@ -222,7 +224,7 @@ else if (response instanceof OCSPResponse) {
 
     @JRubyMethod(name = "sign", rest = true)
     public IRubyObject sign(final ThreadContext context, IRubyObject[] args) {
-        Ruby runtime = context.getRuntime();
+        final Ruby runtime = context.runtime;
 
         int flag = 0;
         IRubyObject additionalCerts = context.nil;
@@ -380,8 +382,8 @@ public IRubyObject verify(IRubyObject[] args) {
                if (!ret) return RubyBoolean.newBoolean(runtime, false);
            }
         }
-        catch ( Exception e ) {
-            e.printStackTrace();
+        catch (Exception e) {
+            debugStackTrace(e);
             throw newOCSPError(runtime, e);
         }
 
@@ -473,8 +475,5 @@ public OCSPReq getBCOCSPReq() {
         if (asn1bcReq == null) return null;
         return new OCSPReq(asn1bcReq);
     }
-    private static RaiseException newOCSPError(Ruby runtime, Exception e) {
-        return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), e);
-    }
 
 }

src/main/java/org/jruby/ext/openssl/OCSPResponse.java

@@ -33,6 +33,7 @@
 package org.jruby.ext.openssl;
 
 import static org.jruby.ext.openssl.OCSP._OCSP;
+import static org.jruby.ext.openssl.OCSP.newOCSPError;
 
 import java.io.IOException;
 
@@ -77,9 +78,9 @@ public OCSPResponse(Ruby runtime) {
         this(runtime, (RubyClass) _OCSP(runtime).getConstantAt("Response"));
     }
 
-    public static void createResponse(final Ruby runtime, final RubyModule _OCSP) {
-        RubyClass _request = _OCSP.defineClassUnder("Response", runtime.getObject(), RESPONSE_ALLOCATOR);
-        _request.defineAnnotatedMethods(OCSPResponse.class);
+    public static void createResponse(final Ruby runtime, final RubyModule OCSP) {
+        RubyClass Response = OCSP.defineClassUnder("Response", runtime.getObject(), RESPONSE_ALLOCATOR);
+        Response.defineAnnotatedMethods(OCSPResponse.class);
     }
 
     private org.bouncycastle.asn1.ocsp.OCSPResponse bcResp;
@@ -151,11 +152,10 @@ public IRubyObject initialize_copy(IRubyObject obj) {
     }
 
     @JRubyMethod(name = "basic")
-    public IRubyObject basic() {
-        Ruby runtime = getRuntime();
-        ThreadContext context = runtime.getCurrentContext();
+    public IRubyObject basic(ThreadContext context) {
+        Ruby runtime = context.runtime;
         if (bcResp == null || bcResp.getResponseBytes() == null || bcResp.getResponseBytes().getResponse() == null) {
-            return getRuntime().getCurrentContext().nil;
+            return context.nil;
         }
         else {
             OCSPBasicResponse ret = new OCSPBasicResponse(runtime);
@@ -188,9 +188,5 @@ public IRubyObject to_der() {
     public org.bouncycastle.asn1.ocsp.OCSPResponse getBCResp() {
         return bcResp;
     }
-            
-    private static RaiseException newOCSPError(Ruby runtime, Exception e) {
-        return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), e);
-    }
 
 }

src/main/java/org/jruby/ext/openssl/OCSPSingleResponse.java

@@ -33,6 +33,7 @@
 package org.jruby.ext.openssl;
 
 import static org.jruby.ext.openssl.OCSP._OCSP;
+import static org.jruby.ext.openssl.OCSP.newOCSPError;
 
 import java.io.IOException;
 import java.text.ParseException;
@@ -117,9 +118,8 @@ public IRubyObject cert_status() {
     }
 
     @JRubyMethod(name = "certid")
-    public IRubyObject certid() {
-        Ruby runtime = getRuntime();
-        ThreadContext context = runtime.getCurrentContext();
+    public IRubyObject certid(ThreadContext context) {
+        Ruby runtime = context.runtime;
         CertID bcCertId = bcSingleResponse.getCertID();
         OCSPCertificateId rubyCertId = new OCSPCertificateId(runtime); 
         try {
@@ -182,22 +182,21 @@ public IRubyObject extensions() {
         Ruby runtime = getRuntime();
         Extensions exts = bcSingleResponse.getSingleExtensions();
         if (exts == null) return RubyArray.newEmptyArray(runtime);
-        List<X509Extension> retExts = new ArrayList<X509Extension>();
-        List<ASN1ObjectIdentifier> extOids = Arrays.asList(exts.getExtensionOIDs());
-        for (ASN1ObjectIdentifier extOid : extOids) {
-            Extension ext = exts.getExtension(extOid);
+        ASN1ObjectIdentifier[] extOIDs = exts.getExtensionOIDs();
+        RubyArray retExts = runtime.newArray(extOIDs.length);
+        for (ASN1ObjectIdentifier extOID : extOIDs) {
+            Extension ext = exts.getExtension(extOID);
             ASN1Encodable extAsn1 = ext.getParsedValue();
-            X509Extension retExt = X509Extension.newExtension(runtime, extOid, extAsn1, ext.isCritical());
-            retExts.add(retExt);
+            X509Extension retExt = X509Extension.newExtension(runtime, extOID, extAsn1, ext.isCritical());
+            retExts.append(retExt);
         }
-        
-        return RubyArray.newArray(runtime, retExts);
+        return retExts;
     }
 
     @JRubyMethod(name = "next_update")
     public IRubyObject next_update() {
         Ruby runtime = getRuntime();
-        if (bcSingleResponse.getNextUpdate() == null) return runtime.getCurrentContext().nil;
+        if (bcSingleResponse.getNextUpdate() == null) return runtime.getNil();
         Date nextUpdate;
         try {
             nextUpdate = bcSingleResponse.getNextUpdate().getDate();
@@ -207,7 +206,7 @@ public IRubyObject next_update() {
         }
 
         if (nextUpdate == null) {
-            return runtime.getCurrentContext().nil;
+            return runtime.getNil();
         }
 
         return RubyTime.newTime(runtime, nextUpdate.getTime());
@@ -216,7 +215,7 @@ public IRubyObject next_update() {
     @JRubyMethod(name = "this_update")
     public IRubyObject this_update() {
         Ruby runtime = getRuntime();
-        if (bcSingleResponse.getThisUpdate() == null) return runtime.getCurrentContext().nil;
+        if (bcSingleResponse.getThisUpdate() == null) return runtime.getNil();
         Date thisUpdate;
         try {
             thisUpdate = bcSingleResponse.getThisUpdate().getDate();
@@ -232,18 +231,18 @@ public IRubyObject this_update() {
     public IRubyObject revocation_reason() {
         Ruby runtime = getRuntime();
         RubyFixnum revoked = (RubyFixnum) _OCSP(runtime).getConstant("V_CERTSTATUS_REVOKED");
-        if (bcSingleResponse.getCertStatus().getTagNo() == (int)revoked.getLongValue()) {
+        if (bcSingleResponse.getCertStatus().getTagNo() == (int) revoked.getLongValue()) {
             try {
                 RevokedInfo revokedInfo = RevokedInfo.getInstance(
-                        DERTaggedObject.fromByteArray(bcSingleResponse.getCertStatus().getStatus().toASN1Primitive().getEncoded())
-                        );
+                    DERTaggedObject.fromByteArray(bcSingleResponse.getCertStatus().getStatus().toASN1Primitive().getEncoded())
+                );
                 return RubyFixnum.newFixnum(runtime, revokedInfo.getRevocationReason().getValue().intValue());
             }
             catch (IOException e) {
                 throw newOCSPError(runtime, e);
             }
         }
-        return runtime.getCurrentContext().nil;
+        return runtime.getNil();
     }
 
     @JRubyMethod(name = "revocation_time")
@@ -261,7 +260,7 @@ public IRubyObject revocation_time() {
                 throw newOCSPError(runtime, e);
             }
         }
-        return runtime.getCurrentContext().nil;
+        return runtime.getNil();
     }
 
     @JRubyMethod(name = "to_der")
@@ -312,8 +311,5 @@ private boolean checkValidityImpl(Date thisUpdate, Date nextUpdate, int nsec, in
 
         return ret;
     }
-    
-    private static RaiseException newOCSPError(Ruby runtime, Exception e) {
-        return Utils.newError(runtime, _OCSP(runtime).getClass("OCSPError"), e);
-    }
+
 }