Module: Conjur::CertUtils

Defined in:

lib/conjur/cert_utils.rb

Constant Summary

CERT_RE =

/-----BEGIN CERTIFICATE-----\n.*?\n-----END CERTIFICATE-----\n/m

Class Method Summary

• .parse_certs(certs) ⇒ Array<OpenSSL::X509::Certificate>

  Parse X509 DER-encoded certificates from a string.

Class Method Details

.parse_certs(certs) ⇒ Array<OpenSSL::X509::Certificate>

Parse X509 DER-encoded certificates from a string

Parameters:

• certs (String) —

  certificate(s) to parse in DER form

Returns:

• (Array<OpenSSL::X509::Certificate>) —

  certificates contained in the string

# File 'lib/conjur/cert_utils.rb', line 30

def parse_certs certs
  # fix any mangled namespace
  certs = certs.gsub /\s+/, "\n"
  certs.gsub! "-----BEGIN\nCERTIFICATE-----", '-----BEGIN CERTIFICATE-----'
  certs.gsub! "-----END\nCERTIFICATE-----", '-----END CERTIFICATE-----'
  certs += "\n" unless certs[-1] == "\n"

  certs.scan(CERT_RE).map do |cert|
    begin
      OpenSSL::X509::Certificate.new cert
    rescue OpenSSL::X509::CertificateError => exn
      raise exn, "Invalid certificate:\n#{cert} (#{exn.message})"
    end
  end
end