Class: Puppet::SSL::CertificateSigner Private

Inherits:
Object
  • Object
show all
Defined in:
lib/puppet/ssl/certificate_signer.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Take care of signing a certificate in a FIPS 140-2 compliant manner.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeCertificateSigner

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of CertificateSigner.


12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'lib/puppet/ssl/certificate_signer.rb', line 12

def initialize
  if OpenSSL::Digest.const_defined?('SHA256')
    @digest = OpenSSL::Digest::SHA256
  elsif OpenSSL::Digest.const_defined?('SHA1')
    @digest = OpenSSL::Digest::SHA1
  elsif OpenSSL::Digest.const_defined?('SHA512')
    @digest = OpenSSL::Digest::SHA512
  elsif OpenSSL::Digest.const_defined?('SHA384')
    @digest = OpenSSL::Digest::SHA384
  elsif OpenSSL::Digest.const_defined?('SHA224')
    @digest = OpenSSL::Digest::SHA224
  else
    raise Puppet::Error,
      "No FIPS 140-2 compliant digest algorithm in OpenSSL::Digest"
  end
  @digest
end

Instance Attribute Details

#digestObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


10
11
12
# File 'lib/puppet/ssl/certificate_signer.rb', line 10

def digest
  @digest
end

Instance Method Details

#sign(content, key) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


30
31
32
# File 'lib/puppet/ssl/certificate_signer.rb', line 30

def sign(content, key)
  content.sign(key, @digest.new)
end