Class: OpenSSL::PKCS12
- Inherits:
-
Object
- Object
- OpenSSL::PKCS12
- Defined in:
- lib/shared/openssl/pkcs12.rb
Defined Under Namespace
Classes: PKCS12Error
Instance Attribute Summary
-
#ca_certs ⇒ Object
readonly
Returns the value of attribute ca_certs.
-
#certificate ⇒ Object
readonly
Returns the value of attribute certificate.
-
#key ⇒ Object
readonly
Returns the value of attribute key.
Class Method Summary
Instance Method Summary
- #generate(pass, alias_name, key, cert, ca = nil) ⇒ Object
-
#initialize(str = nil, pass = nil) ⇒ PKCS12
constructor
A new instance of PKCS12.
- #to_der ⇒ Object
Constructor Details
#initialize(str = nil, pass = nil) ⇒ PKCS12
Returns a new instance of PKCS12.
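# File 'lib/shared/openssl/pkcs12.rb', line 26

# Parses a DER-encoded PKCS#12 bundle and exposes one key entry from it.
#
# With no +str+ the instance is left empty (@der is nil) so that #generate
# can fill it in later. Otherwise the bytes are loaded into a Java "PKCS12"
# KeyStore and the certificate, private key and remaining chain certificates
# are converted to OpenSSL::X509::Certificate / OpenSSL::PKey objects.
#
# Security notes for callers:
# * A nil +pass+ is replaced by the empty string, so a bundle protected by an
#   empty password opens without any secret being supplied.
# * After a successful load @key holds the decrypted private key; treat the
#   instance as sensitive for as long as it is referenced.
# * Certificates are only parsed here. Nothing in this method checks
#   signatures, validity periods or trust, so #ca_certs is exactly what the
#   bundle's chain contains.
#
# @param str [String, File, nil] DER bytes, or a File whose path is reopened
#   in binary mode and read in full
# @param pass [String, nil] password used to load the store and to recover
#   the key; nil is treated as ""
# @raise [PKCS12Error] when loading the store or reading an entry raises a
#   Java exception, or when the key algorithm is not RSA, DSA, DH or EC
def initialize(str = nil, pass = nil)
  if str
    @der =
      if str.is_a?(File)
        # Block form closes the handle even when the read raises.
        File.open(str.path, "rb") { |file| file.read }
      else
        str
      end

    p12_input_stream = StringBufferInputStream.new(@der)

    store = KeyStore.get_instance("PKCS12")
    password = pass.nil? ? "" : pass

    begin
      store.load(p12_input_stream, password.to_java.to_char_array)
    rescue java.lang.Exception => e
      raise PKCS12Error, "Exception: #{e}"
    end

    aliases = store.aliases
    aliases.each { |alias_name|
      if store.is_key_entry(alias_name)
        begin
          java_certificate = store.get_certificate(alias_name)
        rescue java.lang.Exception => e
          raise PKCS12Error, "Exception: #{e}"
        end
        if java_certificate
          der = String.from_java_bytes(java_certificate.get_encoded)
          @certificate = OpenSSL::X509::Certificate.new(der)
        end

        begin
          # The store password is reused as the key-recovery password.
          java_key = store.get_key(alias_name, password.to_java.to_char_array)
        rescue java.lang.Exception => e
          raise PKCS12Error, "Exception: #{e}"
        end
        if java_key
          der = String.from_java_bytes(java_key.get_encoded)
          @key =
            case java_key.get_algorithm
            when "RSA" then OpenSSL::PKey::RSA.new(der)
            when "DSA" then OpenSSL::PKey::DSA.new(der)
            when "DH"  then OpenSSL::PKey::DH.new(der)
            when "EC"  then OpenSSL::PKey::EC.new(der)
            else raise PKCS12Error, "Unknown key algorithm"
            end
        end

        @ca_certs = []
        begin
          java_ca_certs = store.get_certificate_chain(alias_name)
        rescue java.lang.Exception => e
          raise PKCS12Error, "Exception #{e}"
        end
        if java_ca_certs
          # Computed once; nil when the entry had no certificate, in which
          # case every chain certificate is kept instead of raising
          # NoMethodError on nil.
          leaf_pem = @certificate && @certificate.to_pem
          java_ca_certs.each do |java_ca_cert|
            der = String.from_java_bytes(java_ca_cert.get_encoded)
            ruby_cert = OpenSSL::X509::Certificate.new(der)
            # The chain includes the entry's own certificate; skip it.
            @ca_certs << ruby_cert if ruby_cert.to_pem != leaf_pem
          end
        end
      end
      # NOTE(review): this break runs after the first alias whether or not it
      # was a key entry, so a bundle whose first alias is certificate-only
      # yields no key or certificate. Confirm that is intended.
      break
    }
  else
    @der = nil
  end
end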
Instance Attribute Details
#ca_certs ⇒ Object (readonly)
Returns the value of attribute ca_certs.
# File 'lib/shared/openssl/pkcs12.rb', line 24

# Reader for the chain certificates held by this bundle.
#
# The value is returned as stored: this reader performs no verification of
# the certificates and hands back the same object each time, not a copy.
#
# @return [Object] the current value of @ca_certs (nil when never assigned)
def ca_certs
  @ca_certs
end
#certificate ⇒ Object (readonly)
Returns the value of attribute certificate.
# File 'lib/shared/openssl/pkcs12.rb', line 24

# Reader for the certificate held by this bundle.
#
# The value is returned as stored; this reader does not validate it.
#
# @return [Object] the current value of @certificate (nil when never assigned)
def certificate
  @certificate
end
#key ⇒ Object (readonly)
Returns the value of attribute key.
# File 'lib/shared/openssl/pkcs12.rb', line 24

# Reader for the private key held by this bundle.
#
# The object returned is the unencrypted key itself, not a copy and not a
# wrapped form, so anything that can call this reader can use or export it.
#
# @return [Object] the current value of @key (nil when never assigned)
def key
  @key
end
Class Method Details
.create(pass, name, key, cert, ca = nil) ⇒ Object
# File 'lib/shared/openssl/pkcs12.rb', line 18

# Builds an empty instance, runs #generate on it and returns the instance.
#
# All arguments are forwarded to #generate unchanged. +pass+ may be nil;
# #generate then substitutes an empty password, so pass a real passphrase
# whenever the resulting bundle must keep its private key confidential.
#
# @param pass [String, nil] password for the generated bundle
# @param name [String] alias under which the key entry is stored
# @param key [Object] private key forwarded to #generate
# @param cert [Object] certificate forwarded to #generate
# @param ca [Object, nil] optional CA certificates forwarded to #generate
# @return [PKCS12] the populated instance (not #generate's return value)
def self.create(pass, name, key, cert, ca = nil)
  new.tap { |bundle| bundle.generate(pass, name, key, cert, ca) }
end
Instance Method Details
#generate(pass, alias_name, key, cert, ca = nil) ⇒ Object
# File 'lib/shared/openssl/pkcs12.rb', line 103

# Serialises +key+, +cert+ and the optional +ca+ certificates into a PKCS#12
# structure and keeps the resulting DER bytes for #to_der.
#
# Security notes for callers:
# * A nil +pass+ is replaced by the empty string, so the bundle is written
#   with an empty password. That gives the private key no confidentiality;
#   supply a real passphrase when the output leaves a trusted boundary.
# * The key entry is added with a nil entry password; the only secret this
#   method supplies is the store password given to store.store.
# * +key+ is kept in @key and is also rendered to PEM text on the way into
#   Java, so unencrypted key material exists in memory during and after
#   the call.
#
# @param pass [String, nil] store password; nil is treated as ""
# @param alias_name [String] alias for the key entry
# @param key [#to_pem] private key
# @param cert [#to_pem] certificate stored with the key
# @param ca [#each, nil] further certificates appended after +cert+
# @return [String] the DER bytes, also stored in @der
# @raise [PKCS12Error] when writing the store raises a Java exception;
#   failures in the earlier Java calls are not wrapped by this method
def generate(pass, alias_name, key, cert, ca = nil)
  @key = key
  @certificate = cert
  @ca_certs = ca # stays nil when no CA certificates were given

  # The key crosses into Java as PEM text and is parsed back by PEMReader.
  pem_source = StringReader.new(key.to_pem)
  parsed_key = PEMReader.new(pem_source).read_object

  # One PEM string: the certificate first, then each CA certificate.
  pem_bundle = cert.to_pem
  ca.each { |ca_cert| pem_bundle << ca_cert.to_pem } if ca

  pem_stream = StringBufferInputStream.new(pem_bundle)
  x509_factory = CertificateFactory.get_instance("X.509")
  chain = x509_factory.generate_certificates(pem_stream)

  # load(nil, nil) initialises an empty store before the entry is added.
  store = KeyStore.get_instance("PKCS12", "BC")
  store.load(nil, nil)
  private_key = parsed_key.get_private
  chain_array = chain.to_array(Java::java.security.cert.Certificate[chain.size].new)
  store.set_key_entry(alias_name, private_key, nil, chain_array)

  der_sink = ByteArrayOutputStream.new
  secret = pass.nil? ? "" : pass

  begin
    store.store(der_sink, secret.to_java.to_char_array)
  rescue java.lang.Exception => e
    raise PKCS12Error, "Exception: #{e}"
  end

  @der = String.from_java_bytes(der_sink.to_byte_array)
end
#to_der ⇒ Object
# File 'lib/shared/openssl/pkcs12.rb', line 136

# Returns the DER bytes held in @der.
#
# When the bytes represent a PKCS#12 bundle they contain the private key,
# protected only by the bundle's password, so handle the result accordingly.
#
# @return [String, nil] the stored bytes, or nil when @der is unset
def to_der
  @der
end