Class: OpenSSL::PKCS12
- Inherits:
-
Object
- Object
- OpenSSL::PKCS12
- Defined in:
- lib/openssl/pkcs12.rb
Defined Under Namespace
Classes: PKCS12Error
Instance Attribute Summary
-
#ca_certs ⇒ Object
readonly
Returns the value of attribute ca_certs.
-
#certificate ⇒ Object
readonly
Returns the value of attribute certificate.
-
#key ⇒ Object
readonly
Returns the value of attribute key.
Class Method Summary
Instance Method Summary
- #generate(pass, alias_name, key, cert, ca = nil) ⇒ Object
-
#initialize(str = nil, password = '') ⇒ PKCS12
constructor
A new instance of PKCS12.
- #to_der ⇒ Object
Constructor Details
#initialize(str = nil, password = '') ⇒ PKCS12
Returns a new instance of PKCS12.
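# File 'lib/openssl/pkcs12.rb', line 22

# Loads a PKCS#12 bundle and extracts the first key entry found in it.
#
# With no +str+ the instance is left empty (+@der+ is nil) so that #generate
# can fill it in later. Otherwise the bytes are loaded into a "PKCS12" key
# store; for the first alias that is a key entry, the certificate, the
# private key and the remaining certificates of the chain are converted to
# their OpenSSL Ruby counterparts. Any further key entries are ignored.
#
# The same password is used to load the store and to recover the key. The
# certificate chain is copied out exactly as stored: nothing in this method
# checks signatures, validity periods or trust, so callers must verify the
# chain themselves before relying on it.
#
# @param str [String, File, nil] DER-encoded PKCS#12 data, or an open File
#   whose path is re-read in binary mode
# @param password [String, nil] bundle password; nil is treated as ""
# @raise [PKCS12Error] on any Java exception raised while loading or
#   decoding, or when the key algorithm is not RSA, DSA, DH or EC
def initialize(str = nil, password = '')
  return @der = nil unless str

  if str.is_a?(File)
    # Block form closes the handle even when the read raises.
    @der = File.open(str.path, "rb") { |file| file.read }
  else
    # NOTE: re-tags the caller's string as binary in place; no copy is made.
    str.force_encoding(Encoding::ASCII_8BIT)
    @der = str
  end

  # A nil password is treated as empty, as #generate already does, rather
  # than failing during the char-array conversion below.
  password = "" if password.nil?

  p12_input_stream = StringBufferInputStream.new(@der)

  store = SecurityHelper.getKeyStore("PKCS12")
  store.load(p12_input_stream, password.to_java.to_char_array)

  store.aliases.each do |alias_name|
    next unless store.is_key_entry(alias_name)

    if (java_certificate = store.get_certificate(alias_name))
      der = String.from_java_bytes(java_certificate.get_encoded)
      @certificate = OpenSSL::X509::Certificate.new(der)
    end

    # A fresh char array is built for each call, as in the load above.
    if (java_key = store.get_key(alias_name, password.to_java.to_char_array))
      der = String.from_java_bytes(java_key.get_encoded)
      algorithm = java_key.get_algorithm
      @key =
        case algorithm
        when "RSA" then OpenSSL::PKey::RSA.new(der)
        when "DSA" then OpenSSL::PKey::DSA.new(der)
        when "DH"  then OpenSSL::PKey::DH.new(der)
        when "EC"  then OpenSSL::PKey::EC.new(der)
        else raise PKCS12Error, "Unknown key algorithm #{algorithm}"
        end
    end

    @ca_certs = []
    # Computed once; stays nil when the entry carried no certificate, in
    # which case every chain certificate is kept instead of raising on nil.
    leaf_pem = @certificate && @certificate.to_pem
    java_ca_certs = store.get_certificate_chain(alias_name)
    if java_ca_certs
      java_ca_certs.each do |java_ca_cert|
        der = String.from_java_bytes(java_ca_cert.get_encoded)
        ruby_cert = OpenSSL::X509::Certificate.new(der)
        # The chain includes the entry's own certificate; drop it by PEM
        # equality so ca_certs holds only the other certificates.
        @ca_certs << ruby_cert unless ruby_cert.to_pem == leaf_pem
      end
    end

    # Only the first key entry is loaded.
    break
  end
rescue java.lang.Exception => e
  # Java-side failures (bad password, malformed data, ...) surface as
  # PKCS12Error; Ruby exceptions are not caught here.
  raise PKCS12Error, e.inspect
end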
Instance Attribute Details
#ca_certs ⇒ Object (readonly)
Returns the value of attribute ca_certs.
# File 'lib/openssl/pkcs12.rb', line 20

# Additional certificates held by this bundle.
#
# After parsing, this is the stored chain minus the entry's own certificate;
# after #generate it is whatever was passed as +ca+ (possibly nil). The
# certificates are returned as stored and are not validated by this class.
#
# @return [Array, nil]
def ca_certs
  @ca_certs
end
#certificate ⇒ Object (readonly)
Returns the value of attribute certificate.
# File 'lib/openssl/pkcs12.rb', line 20

# The certificate of the bundle's key entry.
#
# Set from the first key entry when parsing, or from the +cert+ argument of
# #generate; nil when neither has supplied one.
#
# @return [Object, nil]
def certificate
  @certificate
end
#key ⇒ Object (readonly)
Returns the value of attribute key.
# File 'lib/openssl/pkcs12.rb', line 20

# The private key of the bundle's key entry.
#
# Set from the first key entry when parsing (already recovered with the
# bundle password), or from the +key+ argument of #generate. The returned
# object is the key itself, so treat it as secret material.
#
# @return [Object, nil]
def key
  @key
end
Class Method Details
.create(pass, name, key, cert, ca = nil) ⇒ Object
# File 'lib/openssl/pkcs12.rb', line 14

# Builds a new bundle from a key, its certificate and optional extra
# certificates by delegating to #generate on a fresh, empty instance.
#
# @param pass [String, nil] password protecting the bundle
# @param name [String] alias under which the entry is stored
# @param key [Object] private key
# @param cert [Object] certificate matching +key+
# @param ca [Array, nil] additional certificates to include
# @return [PKCS12] the populated instance
def self.create(pass, name, key, cert, ca = nil)
  new.tap { |bundle| bundle.generate(pass, name, key, cert, ca) }
end
Instance Method Details
#generate(pass, alias_name, key, cert, ca = nil) ⇒ Object
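# File 'lib/openssl/pkcs12.rb', line 82

# Builds a PKCS#12 bundle from the given key and certificates and stores its
# DER encoding in +@der+ (readable through #to_der).
#
# The key and certificates are handed to the Java side as PEM: +key.to_pem+
# is called without a cipher, so the private key passes through memory
# unencrypted on its way into the bundle. A nil +pass+ is replaced by the
# empty string, which yields a bundle protected only by an empty password;
# callers that need the key kept confidential must supply a real password.
#
# @param pass [String, nil] password protecting the bundle; nil means ""
# @param alias_name [String] alias under which the entry is stored
# @param key [Object] private key, must respond to +to_pem+
# @param cert [Object] certificate, must respond to +to_pem+
# @param ca [Array, nil] extra certificates appended after +cert+
# @return [String] the DER-encoded bundle
# @raise [PKCS12Error] when the Java side fails to build the bundle
def generate(pass, alias_name, key, cert, ca = nil)
  @key, @certificate, @ca_certs = key, cert, ca

  # Concatenated PEM: the entry certificate first, then any extra ones.
  certificates = cert.to_pem
  ca.each { |ca_cert| certificates << ca_cert.to_pem } if ca

  begin
    der_bytes = PEMUtils.generatePKCS12(
      StringReader.new(key.to_pem),
      certificates.to_java_bytes,
      alias_name,
      (pass.nil? ? "" : pass).to_java.to_char_array
    )
  rescue java.security.KeyStoreException, java.security.cert.CertificateException => e
    # The listing shows an incomplete `e.` here; the exception message is
    # passed on so the raise has a complete argument.
    raise PKCS12Error, e.message
  rescue java.security.GeneralSecurityException, java.io.IOException => e
    raise PKCS12Error, e.inspect
  end

  @der = String.from_java_bytes(der_bytes)
end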
#to_der ⇒ Object
# File 'lib/openssl/pkcs12.rb', line 102

# DER encoding of the bundle.
#
# This is the data given to the constructor or produced by #generate; nil
# for an instance created without data. It contains the private key in its
# password-protected PKCS#12 form.
#
# @return [String, nil]
def to_der
  @der
end