Module: PkernelJce::IdentityFactory

Included in:
Pkernel::IdentityFactory, Pkernel::IdentityFactory, IdentityEngine
Defined in:
lib/pkernel_jce/identity.rb

Overview

IdentityFactory

Instance Method Summary

Instance Method Details

#build_from_components(key, cert = nil, chain = [], provider = nil) ⇒ Object Also known as: build



# File 'lib/pkernel_jce/identity.rb', line 161

# Builds a Pkernel::Identity from a key and, optionally, a certificate and chain.
#
# Besides creating the identity, this mixes capability modules into the
# receiver through class_eval: PkernelJce::IdentityManagement always, and
# PkernelJce::IdentityIssuer as well when the certificate is reported as an
# issuer certificate by PkernelJce::Certificate.is_issuer_cert?.
#
# NOTE(review): the includes target the receiver (class_eval has no explicit
# receiver), not the returned identity, and an include is never undone. Once
# an issuer certificate has been seen, IdentityIssuer stays mixed in for every
# later call on the same receiver - confirm this is the intended scope.
#
# @param key [Object] private key; must not be nil
# @param cert [Object, nil] certificate, normalised with ensure_java_cert when present
# @param chain [Array] certificate chain handed to the identity as given
# @param provider [Object, nil] assigned to the identity's provider attribute
# @return [Pkernel::Identity] the newly built identity
# @raise [PkernelJce::Error] when key is nil
def build_from_components(key, cert = nil, chain = [], provider = nil)
  raise PkernelJce::Error, "Key cannot be nil to build identity" if key.nil?

  id = Pkernel::Identity.new({ key: key, certificate: cert, chain: chain })

  # The certificate is only converted and inspected when one was supplied.
  issuer = !cert.nil? &&
           PkernelJce::Certificate.is_issuer_cert?(PkernelJce::Certificate.ensure_java_cert(cert))

  # Issuer capability first, then the management capability that every path gets.
  class_eval { include PkernelJce::IdentityIssuer } if issuer
  class_eval { include PkernelJce::IdentityManagement }

  id.provider = provider
  id
end

#dump(id, opts = {}, &block) ⇒ Object

end build_from_components



# File 'lib/pkernel_jce/identity.rb', line 192

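# Serialises an identity and either returns the pieces in a hash or writes
# them to the files named in opts.
#
# opts[:format] selects the encoder: :pkcs8/:pk8/:p8 -> dump_pk8, :pem ->
# dump_pem, anything else -> dump_keystore. For each part, a file path in
# opts means "write it there and report the path"; no path means "return the
# bytes in the result".
#
# NOTE(review): output files are created through java.io.FileOutputStream and
# nothing in this method sets permissions, so they get the process defaults.
# opts[:file] receives private-key material; callers should make sure the
# target directory and umask are restrictive. Whether the key bytes are
# password-protected is decided inside dump_pk8 / dump_pem / dump_keystore,
# which are not visible here. Paths are used exactly as given.
#
# @param id [Object] identity to serialise; must not be nil
# @param opts [Hash] :format, :file, :cert_file, :ca_file and (PEM only)
#   :pubKey_file; the whole hash is also passed on to the encoder
# @param block forwarded to the encoder
# @return [Hash] for PKCS#8 / PEM: :file or :bin, :cert_file or :cert_bin,
#   :ca_file or :ca_bin, plus :pubKey_file or :pubKey_bin for PEM; for the
#   keystore branch: whatever dump_keystore returned, plus :file when written
# @raise [PkernelJce::Error] when id is nil
def dump(id, opts = {}, &block)
  raise PkernelJce::Error, "Identity object is nil in write to keystore" if id.nil?

  result = {}

  case opts[:format]
  when :pkcs8, :pk8, :p8
    res = dump_pk8(id, opts, &block)

    # private key
    file = opts[:file]
    if file.nil? || file.empty?
      result[:bin] = res[:bin]
    else
      # This branch writes the bytes of the Java string form of the key,
      # exactly as before.
      write_dump_output(file, [res[:bin].to_java.getBytes])
      result[:file] = file
    end

    # certificate
    cfile = opts[:cert_file]
    if cfile.nil?
      result[:cert_bin] = res[:cert_bin]
    else
      write_dump_output(cfile, [res[:cert_bin]])
      result[:cert_file] = cfile
    end

    # cert chain: every entry is appended to the same file
    cafile = opts[:ca_file]
    if cafile.nil?
      result[:ca_bin] = res[:ca_bin]
    else
      write_dump_output(cafile, res[:ca_bin])
      result[:ca_file] = cafile
    end

    result

  when :pem
    res = dump_pem(id, opts, &block)

    # private key
    file = opts[:file]
    if file.nil? || file.empty?
      result[:bin] = res[:bin]
    else
      write_dump_output(file, [res[:bin]])
      result[:file] = file
    end

    # public key
    pfile = opts[:pubKey_file]
    if pfile.nil?
      result[:pubKey_bin] = res[:pubKey_bin]
    else
      write_dump_output(pfile, [res[:pubKey_bin]])
      result[:pubKey_file] = pfile
    end

    # certificate
    cfile = opts[:cert_file]
    if cfile.nil?
      result[:cert_bin] = res[:cert_bin]
    else
      write_dump_output(cfile, [res[:cert_bin]])
      result[:cert_file] = cfile
    end

    # cert chain: every entry is appended to the same file
    cafile = opts[:ca_file]
    if cafile.nil?
      result[:ca_bin] = res[:ca_bin]
    else
      write_dump_output(cafile, res[:ca_bin])
      result[:ca_file] = cafile
    end

    result

  else
    # JCE/JCA keystore
    result.merge!(dump_keystore(id, opts, &block))

    file = opts[:file]
    unless file.nil? || file.empty?
      write_dump_output(file, [result[:bin]])
      result[:file] = file
    end

    result
  end
end

# Writes each chunk to +path+, creating missing parent directories first.
# A bare file name has no parent directory (parent_file is nil), which used to
# raise NoMethodError; the stream is now closed even when a write fails.
def write_dump_output(path, chunks)
  target = java.io.File.new(path)
  parent = target.parent_file
  parent.mkdirs if parent && !parent.exists?

  out = java.io.FileOutputStream.new(target)
  begin
    chunks.each { |chunk| out.write chunk }
    out.flush
  ensure
    out.close
  end
end
private :write_dump_output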

#dump_to_file(id, file, opts = { }, &block) ⇒ Object

Raises: PkernelJce::Error if opts is neither nil nor a Hash



# File 'lib/pkernel_jce/identity.rb', line 345

# Convenience wrapper around dump that sets the output path.
#
# The given file is merged into the options as :file, replacing any :file
# entry the caller supplied; every other option is passed through untouched,
# so the format is still selected by opts[:format].
#
# @param id [Object] identity handed to dump
# @param file [String] output path stored under :file
# @param opts [Hash, nil] extra options for dump; nil is treated as empty
# @param block forwarded to dump
# @return [Object] whatever dump returns
# @raise [PkernelJce::Error] when opts is neither nil nor a Hash
def dump_to_file(id, file, opts = { }, &block)
  settings = opts.nil? ? {} : opts
  unless settings.is_a?(Hash)
    raise PkernelJce::Error, "Option for dump to file must be a hash"
  end

  dump(id, settings.merge({ file: file }), &block)
end

#dump_to_file_p8(id, idFile, certFile, caFile, password, opts = { }, &block) ⇒ Object

Raises: PkernelJce::Error if opts is neither nil nor a Hash, or if any of the three file paths is empty



# File 'lib/pkernel_jce/identity.rb', line 351

# Writes an identity as PKCS#8 to three files: key, certificate and CA chain.
#
# The three paths and format: :pkcs8 are merged over the caller's options
# before delegating to dump.
#
# NOTE(review): +password+ is accepted but never read in this method and is
# not added to the options passed to dump. If the caller expects the key file
# to be protected with this password, confirm how dump_pk8 obtains it (for
# example from opts or from the block); nothing visible here forwards it.
#
# @param id [Object] identity handed to dump
# @param idFile [String] path for the private key
# @param certFile [String] path for the certificate
# @param caFile [String] path for the CA chain
# @param password [Object] currently unused (see note above)
# @param opts [Hash, nil] extra options for dump; nil is treated as empty
# @param block forwarded to dump
# @return [Object] whatever dump returns
# @raise [PkernelJce::Error] when opts is not a Hash or a path is empty
def dump_to_file_p8(id, idFile, certFile, caFile, password, opts = { }, &block)
  settings = opts.nil? ? {} : opts
  unless settings.is_a?(Hash)
    raise PkernelJce::Error, "Option for dump to file in pkcs8 format must be a hash"
  end

  # Checked in this order so the first missing path decides the message.
  [
    [idFile, "Identity file path cannot be empty"],
    [certFile, "Certificate file path cannot be empty"],
    [caFile, "CA chain file path cannot be empty"]
  ].each do |path, message|
    raise PkernelJce::Error, message if empty?(path)
  end

  targets = { file: idFile, cert_file: certFile, ca_file: caFile, format: :pkcs8 }
  dump(id, settings.merge(targets), &block)
end

#load(opts = {}, &block) ⇒ Object



# File 'lib/pkernel_jce/identity.rb', line 362

# Loads key material with the loader selected by opts[:format] and wraps it
# in a Pkernel::Identity.
#
# :pk8/:p8/:pkcs8 -> load_pk8, :pem -> load_pem, anything else ->
# load_keystore. The loader's :key, :cert and :chain entries become the
# identity's privKey, certificate and chain.
#
# NOTE(review): this method only checks that a key came back. It does not
# check that the certificate belongs to the key or that the chain verifies;
# confirm the loaders do that if callers rely on it. Also note that the
# identity is built with privKey: here but with key: in
# build_from_components, and that this method raises Pkernel::Error while the
# other methods raise PkernelJce::Error - confirm both are intended.
#
# @param opts [Hash] :format plus whatever the selected loader reads
# @param block forwarded to the loader
# @return [Pkernel::Identity] identity built from the loaded material
# @raise [Pkernel::Error] when the loader returned no key
def load(opts = {}, &block)
  loaded =
    case opts[:format]
    when :pk8, :p8, :pkcs8
      load_pk8(opts, &block)
    when :pem
      load_pem(opts, &block)
    else
      load_keystore(opts, &block)
    end

  raise Pkernel::Error, "Failed to load key from the store." if loaded[:key].nil?

  Pkernel::Identity.new({ privKey: loaded[:key], certificate: loaded[:cert], chain: loaded[:chain] })
end