Class: Certmeister::Policy::KeyBits

Inherits:
Object
  • Object
show all
Defined in:
lib/certmeister/policy/key_bits.rb

Constant Summary collapse

DEFAULT_MIN_KEY_BITS = 
4096

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(min_key_bits = DEFAULT_MIN_KEY_BITS) ⇒ KeyBits

Returns a new instance of KeyBits.



14
15
16
17
 
# File 'lib/certmeister/policy/key_bits.rb', line 14

def initialize(min_key_bits = DEFAULT_MIN_KEY_BITS)
  validate_min_key_bits(min_key_bits)
  @min_key_bits = min_key_bits
end

Instance Attribute Details

#min_key_bitsObject (readonly)

Returns the value of attribute min_key_bits.



12
13
14
 
# File 'lib/certmeister/policy/key_bits.rb', line 12

def min_key_bits
  @min_key_bits
end

Instance Method Details

#authenticate(request) ⇒ Object 



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/certmeister/policy/key_bits.rb', line 19

def authenticate(request)
  if not request[:csr]
    Certmeister::Policy::Response.new(false, "missing csr")
  else
    cert = OpenSSL::X509::Request.new(request[:csr])
    pkey = cert.public_key
    kbits = pkey.n.num_bytes * 8
    if kbits < @min_key_bits
      Certmeister::Policy::Response.new(false, "weak key")
    else
      Certmeister::Policy::Response.new(true, nil)
    end
  end
rescue OpenSSL::X509::RequestError => e
  Certmeister::Policy::Response.new(false, "invalid csr (#{e.message})")
end