Module: Win32::Certstore::StoreBase
- Includes:
- Mixin::Assertions, Mixin::Crypto, Mixin::Helper, Mixin::ShellExec, Mixin::String, Mixin::Unicode
- Included in:
- Win32::Certstore
- Defined in:
- lib/win32/certstore/store_base.rb
Constant Summary
Constants included from Mixin::Crypto
Mixin::Crypto::BLOB, Mixin::Crypto::BOOL, Mixin::Crypto::BYTE, Mixin::Crypto::CERT_CLOSE_STORE_CHECK_FLAG, Mixin::Crypto::CERT_CLOSE_STORE_FORCE_FLAG, Mixin::Crypto::CERT_COMPARE_ANY, Mixin::Crypto::CERT_COMPARE_NAME_STR_W, Mixin::Crypto::CERT_COMPARE_SHA1_HASH, Mixin::Crypto::CERT_COMPARE_SHIFT, Mixin::Crypto::CERT_FIND_ANY, Mixin::Crypto::CERT_FIND_SHA1_HASH, Mixin::Crypto::CERT_FIND_SUBJECT_STR, Mixin::Crypto::CERT_INFO_SUBJECT_FLAG, Mixin::Crypto::CERT_NAME_ATTR_TYPE, Mixin::Crypto::CERT_NAME_DISABLE_IE4_UTF8_FLAG, Mixin::Crypto::CERT_NAME_DNS_TYPE, Mixin::Crypto::CERT_NAME_EMAIL_TYPE, Mixin::Crypto::CERT_NAME_FRIENDLY_DISPLAY_TYPE, Mixin::Crypto::CERT_NAME_ISSUER_FLAG, Mixin::Crypto::CERT_NAME_RDN_TYPE, Mixin::Crypto::CERT_NAME_SEARCH_ALL_NAMES_FLAG, Mixin::Crypto::CERT_NAME_SIMPLE_DISPLAY_TYPE, Mixin::Crypto::CERT_NAME_STR_ENABLE_PUNYCODE_FLAG, Mixin::Crypto::CERT_NAME_UPN_TYPE, Mixin::Crypto::CERT_NAME_URL_TYPE, Mixin::Crypto::CERT_STORE_ADD_REPLACE_EXISTING, Mixin::Crypto::CERT_STORE_ADD_USE_EXISTING, Mixin::Crypto::CERT_STORE_PROV_SYSTEM, Mixin::Crypto::CERT_SYSTEM_STORE_CURRENT_USER, Mixin::Crypto::CERT_SYSTEM_STORE_LOCAL_MACHINE, Mixin::Crypto::CERT_SYSTEM_STORE_SERVICES, Mixin::Crypto::CERT_SYSTEM_STORE_USERS, Mixin::Crypto::CRYPT_ASN_ENCODING, Mixin::Crypto::CRYPT_NDR_ENCODING, Mixin::Crypto::DWORD, Mixin::Crypto::ENCODING_TYPE, Mixin::Crypto::HCERTSTORE, Mixin::Crypto::HCRYPTPROV_LEGACY, Mixin::Crypto::INT_PTR, Mixin::Crypto::LMSTR, Mixin::Crypto::LONG, Mixin::Crypto::LPCTSTR, Mixin::Crypto::LPFILETIME, Mixin::Crypto::LPSTR, Mixin::Crypto::LPTSTR, Mixin::Crypto::LPVOID, Mixin::Crypto::PCCERT_CONTEXT, Mixin::Crypto::PCERT_INFO, Mixin::Crypto::PCTL_USAGE, Mixin::Crypto::PCTL_VERIFY_USAGE_PARA, Mixin::Crypto::PCTL_VERIFY_USAGE_STATUS, Mixin::Crypto::PKCS_7_ASN_ENCODING, Mixin::Crypto::PKCS_7_NDR_ENCODING, Mixin::Crypto::PKCS_7_OR_X509_ASN_ENCODING, Mixin::Crypto::PWSTR, Mixin::Crypto::X509_ASN_ENCODING, Mixin::Crypto::X509_NDR_ENCODING
Instance Method Summary
- #cert_add(store_handler, certificate_obj) ⇒ Object
  Adds a new certificate to an open certificate store and returns a boolean. store_handler => open certificate store handler; certificate_obj => certificate object, must be in OpenSSL::X509.
- #cert_add_pfx(certstore_handler, path, password = "", key_properties = 0) ⇒ Boolean
  Adds a PFX certificate to the certificate store.
- #cert_delete(store_handler, certificate_thumbprint) ⇒ Object
  Deletes a certificate from an open certificate store and returns a boolean. store_handler => open certificate store handler; certificate_thumbprint => thumbprint is a hash.
- #cert_get(certificate_thumbprint) ⇒ Object
  Gets a certificate from an open certificate store and returns a certificate object. certificate_thumbprint => thumbprint is a hash.
- #cert_list(store_handler) ⇒ Object
  Lists the certificates in an open certificate store and returns the list as JSON.
- #cert_search(store_handler, search_token) ⇒ Object
  Searches for certificates in an open certificate store and returns a list. store_handler => open certificate store handler; search_token => CN, RDN or any certificate attribute.
- #cert_validate(certificate_thumbprint) ⇒ Object
  Verifies a certificate from an open certificate store and returns a boolean or an exception. store_handler => open certificate store handler; certificate_thumbprint => thumbprint is a hash.
- #close_cert_store(certstore_handler = @certstore_handler) ⇒ Object
  Closes the open certificate store handler and destroys its pointer.
Methods included from Mixin::Helper
#cert_ps_cmd, #valid_duration?
Methods included from Mixin::ShellExec
#powershell_exec, #powershell_exec!, #shell_out_command
Methods included from Mixin::String
#utf8_to_wide, #wide_to_utf8, #wstring
Methods included from Mixin::Assertions
#lookup_error, #validate!, #validate_certificate, #validate_certificate_obj, #validate_store, #validate_thumbprint
Methods included from FFI::Library
Instance Method Details
#cert_add(store_handler, certificate_obj) ⇒ Object
Adds a new certificate to an open certificate store and returns a boolean. store_handler => open certificate store handler; certificate_obj => certificate object, must be in OpenSSL::X509.

    # File 'lib/win32/certstore/store_base.rb', line 38

    def cert_add(store_handler, certificate_obj)
      validate_certificate_obj(certificate_obj)
      begin
        cert_args = cert_add_args(store_handler, certificate_obj)
        if CertAddEncodedCertificateToStore(*cert_args)
          true
        else
          lookup_error
        end
      rescue
        lookup_error("add")
      end
    end

#cert_add_pfx(certstore_handler, path, password = "", key_properties = 0) ⇒ Boolean
Adds a PFX certificate to the certificate store.

    # File 'lib/win32/certstore/store_base.rb', line 66

    def cert_add_pfx(certstore_handler, path, password = "", key_properties = 0)
      cert_added = false
      # Imports a PFX BLOB and returns the handle of a store
      pfx_cert_store = PFXImportCertStore(CRYPT_DATA_BLOB.new(File.binread(path)), wstring(password), key_properties)
      raise if pfx_cert_store.null?

      # Find all the certificate contexts in certificate store and add them into the store
      while (cert_context = CertEnumCertificatesInStore(pfx_cert_store, cert_context)) && (not cert_context.null?)
        # Add certificate context to the certificate store
        args = add_certcontxt_args(certstore_handler, cert_context)
        cert_added = CertAddCertificateContextToStore(*args)
        raise unless cert_added
      end
      cert_added
    rescue
      lookup_error("Add a PFX")
    ensure
      if pfx_cert_store && !pfx_cert_store.null?
        close_cert_store(pfx_cert_store)
      end
    end

#cert_delete(store_handler, certificate_thumbprint) ⇒ Object
Deletes a certificate from an open certificate store and returns a boolean. store_handler => open certificate store handler; certificate_thumbprint => thumbprint is a hash, which could be SHA-1 or MD5.

    # File 'lib/win32/certstore/store_base.rb', line 121

    def cert_delete(store_handler, certificate_thumbprint)
      validate_thumbprint(certificate_thumbprint)
      thumbprint = update_thumbprint(certificate_thumbprint)
      cert_delete_flag = false
      begin
        cert_args = cert_find_args(store_handler, thumbprint)
        pcert_context = CertFindCertificateInStore(*cert_args)
        unless pcert_context.null?
          cert_delete_flag = CertDeleteCertificateFromStore(CertDuplicateCertificateContext(pcert_context)) || lookup_error
        end
        CertFreeCertificateContext(pcert_context)
      rescue
        lookup_error("delete")
      end
      cert_delete_flag
    end

#cert_get(certificate_thumbprint) ⇒ Object
Gets a certificate from an open certificate store and returns a certificate object. certificate_thumbprint => thumbprint is a hash, which could be SHA-1 or MD5.

    # File 'lib/win32/certstore/store_base.rb', line 90

    def cert_get(certificate_thumbprint)
      validate_thumbprint(certificate_thumbprint)
      thumbprint = update_thumbprint(certificate_thumbprint)
      cert_pem = get_cert_pem(thumbprint)
      cert_pem = format_pem(cert_pem)
      unless cert_pem.empty?
        build_openssl_obj(cert_pem)
      end
    end

#cert_list(store_handler) ⇒ Object
Lists the certificates in an open certificate store and returns the list as JSON.

    # File 'lib/win32/certstore/store_base.rb', line 101

    def cert_list(store_handler)
      cert_name = memory_ptr
      cert_list = []
      begin
        while (pcert_context = CertEnumCertificatesInStore(store_handler, pcert_context)) && (not pcert_context.null?)
          cert_args = cert_get_name_args(pcert_context, cert_name, CERT_NAME_FRIENDLY_DISPLAY_TYPE)
          if CertGetNameStringW(*cert_args)
            cert_list << cert_name.read_wstring
          end
        end
        CertFreeCertificateContext(pcert_context)
      rescue
        lookup_error("list")
      end
      cert_list.to_json
    end

#cert_search(store_handler, search_token) ⇒ Object
Searches for certificates in an open certificate store and returns a list. store_handler => open certificate store handler; search_token => CN, RDN or any certificate attribute.

    # File 'lib/win32/certstore/store_base.rb', line 152

    def cert_search(store_handler, search_token)
      raise ArgumentError, "Invalid search token" if !search_token || search_token.strip.empty?

      certificate_list = []
      begin
        while (pcert_context = CertEnumCertificatesInStore(store_handler, pcert_context)) && !pcert_context.null?
          cert_property = get_cert_property(pcert_context)
          if cert_property.include?(search_token)
            certificate_list << [cert_property[CERT_NAME_FRIENDLY_DISPLAY_TYPE], cert_property[CERT_NAME_RDN_TYPE]]
          end
        end
        CertFreeCertificateContext(pcert_context)
      rescue
        lookup_error
      end
      certificate_list
    end

#cert_validate(certificate_thumbprint) ⇒ Object
Verifies a certificate from an open certificate store and returns a boolean or an exception. store_handler => open certificate store handler; certificate_thumbprint => thumbprint is a hash, which could be SHA-1 or MD5.

    # File 'lib/win32/certstore/store_base.rb', line 141

    def cert_validate(certificate_thumbprint)
      validate_thumbprint(certificate_thumbprint)
      thumbprint = update_thumbprint(certificate_thumbprint)
      cert_pem = get_cert_pem(thumbprint)
      cert_pem = format_pem(cert_pem)
      verify_certificate(cert_pem)
    end

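cert_get, cert_delete and cert_validate all take a certificate_thumbprint that "could be sha1 or md5". The following is an added example, not code from win32-certstore, showing how to derive that value from the same OpenSSL::X509 object passed to cert_add and how to check a pasted thumbprint against it before acting on a store. The helper names and the sample certificate are assumptions made for illustration; the gem's own validate_thumbprint and update_thumbprint are not shown on this page and may behave differently.

```ruby
require "openssl"
require "digest"

# Hypothetical helper, not part of win32-certstore: strip the separators people
# paste (spaces, colons), upcase, and accept only SHA-1 (40) or MD5 (32) hex.
def normalize_thumbprint(input)
  hex = input.to_s.gsub(/[\s:]/, "").upcase
  unless hex.match?(/\A(?:[0-9A-F]{40}|[0-9A-F]{32})\z/)
    raise ArgumentError, "not a SHA-1 or MD5 thumbprint: #{input.inspect}"
  end
  hex
end

# Hypothetical helper: SHA-1 over the DER encoding, the value Windows shows
# in a certificate's Thumbprint field.
def sha1_thumbprint(cert)
  raise ArgumentError, "expected OpenSSL::X509::Certificate" unless cert.is_a?(OpenSSL::X509::Certificate)

  Digest::SHA1.hexdigest(cert.to_der).upcase
end

# True when a pasted thumbprint (SHA-1 or MD5, chosen by length) is this certificate's.
def thumbprint_matches?(cert, pasted)
  wanted = normalize_thumbprint(pasted)
  digest = wanted.length == 40 ? Digest::SHA1 : Digest::MD5
  digest.hexdigest(cert.to_der).upcase == wanted
end

# Constructed sample input: a throwaway self-signed certificate.
def build_sample_cert
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=certstore-example.invalid")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

if __FILE__ == $PROGRAM_NAME
  cert = build_sample_cert
  pasted = sha1_thumbprint(cert).downcase.scan(/../).join(":") # lowercase, colon-separated
  puts "thumbprint: #{sha1_thumbprint(cert)}"
  puts "pasted form matches: #{thumbprint_matches?(cert, pasted)}"
end
```

Comparing the thumbprint computed from the certificate you intend to manage with the one you are about to pass to cert_delete guards against removing the wrong entry when several certificates share a subject name.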
#close_cert_store(certstore_handler = @certstore_handler) ⇒ Object
Closes the open certificate store handler and destroys its pointer.

    # File 'lib/win32/certstore/store_base.rb', line 171

    def close_cert_store(certstore_handler = @certstore_handler)
      closed = CertCloseStore(certstore_handler, CERT_CLOSE_STORE_FORCE_FLAG)
      lookup_error("close") unless closed
    end