Class: Certmeister::Policy::SignatureAlgorithm

Inherits:

Object

• Object
• Certmeister::Policy::SignatureAlgorithm

Defined in:

lib/certmeister/policy/signature_algorithm.rb

Constant Summary

DEFAULT_SIGNATURE_ALGORITHMS =

["sha256", "sha384", "sha512"]

Instance Attribute Summary

• #signature_algorithms ⇒ Object readonly

  Returns the value of attribute signature_algorithms.

Instance Method Summary

• #authenticate(request) ⇒ Object
• #initialize(signature_algorithms = DEFAULT_SIGNATURE_ALGORITHMS) ⇒ SignatureAlgorithm constructor

  A new instance of SignatureAlgorithm.

Constructor Details

#initialize(signature_algorithms = DEFAULT_SIGNATURE_ALGORITHMS) ⇒ SignatureAlgorithm

Returns a new instance of SignatureAlgorithm.

# File 'lib/certmeister/policy/signature_algorithm.rb', line 14

def initialize(signature_algorithms = DEFAULT_SIGNATURE_ALGORITHMS)
  validate_signature_algorithms(signature_algorithms)
  @signature_algorithms = signature_algorithms
end

Instance Attribute Details

#signature_algorithms ⇒ Object (readonly)

Returns the value of attribute signature_algorithms.

# File 'lib/certmeister/policy/signature_algorithm.rb', line 12

def signature_algorithms
  @signature_algorithms
end

Instance Method Details

#authenticate(request) ⇒ Object

# File 'lib/certmeister/policy/signature_algorithm.rb', line 19

def authenticate(request)
  if not request[:pem]
    return Certmeister::Policy::Response.new(false, "missing pem")
  else
    cert = OpenSSL::X509::Request.new(request[:pem])
    signature_algorithm = cert.signature_algorithm
    if signature_algorithm = check_for_supported_signature_algorithm(signature_algorithm)
      check_signature_algorithm_strength(signature_algorithm)
    else
      return Certmeister::Policy::Response.new(false, "unknown/unsupported signature algorithm (#{cert.signature_algorithm})")
    end
  end
rescue OpenSSL::X509::RequestError => e
  return Certmeister::Policy::Response.new(false, "invalid pem (#{e.message})")
end