Class: AlexaSkillsRuby::CertificateValidator

Inherits:

Object

• Object
• AlexaSkillsRuby::CertificateValidator

Defined in:

lib/alexa_skills_ruby/certificate_validator.rb

Instance Method Summary

• #get_signing_certificate(pem_data) ⇒ Object
• #initialize(extra_cas = []) ⇒ CertificateValidator constructor

  A new instance of CertificateValidator.

Constructor Details

#initialize(extra_cas = []) ⇒ CertificateValidator

Returns a new instance of CertificateValidator.

# File 'lib/alexa_skills_ruby/certificate_validator.rb', line 4

def initialize(extra_cas = [])
  @store = OpenSSL::X509::Store.new.tap { |store| store.set_default_paths }
  extra_cas.each do |ca|
    case ca
      when String
        @store.add_file(ca)
      when OpenSSL::X509::Certificate
        @store.add_cert(ca)
      else
        raise AlexaSkillsRuby::ConfigurationError, 'root_certificates config option must contain only filenames as strings or OpenSSL::X509::Certificate objects'
    end
  end
end

Instance Method Details

#get_signing_certificate(pem_data) ⇒ Object

# File 'lib/alexa_skills_ruby/certificate_validator.rb', line 18

def get_signing_certificate(pem_data)
  chain = chain_certs(get_certs(pem_data))
  chain[0...-1].each do |c|
    if @store.verify(c)
      @store.add_cert(c)
    end
  end

  if @store.verify(chain.last)
    chain.last
  else
    nil
  end
end