Class: RestClient::Windows::RootCerts

Inherits:

Object

• Object
• RestClient::Windows::RootCerts

Extended by:

FFI::Library

Includes:

Enumerable

Defined in:

lib/restclient/windows/root_certs.rb

Overview

Represents a collection of trusted root certificates.

Defined Under Namespace

Classes: CERT_CONTEXT

Class Method Summary

• .instance ⇒ RestClient::Windows::RootCerts

  Returns a new instance.

• .load_certs ⇒ Array<[OpenSSL::X509::Certificate]> private

  Returns an array of root certificates.

Instance Method Summary

• #each {|cert| ... } ⇒ Object

  Enumerates each root certificate.

• #initialize(roots) ⇒ RootCerts constructor

  A new instance of RootCerts.

Constructor Details

#initialize(roots) ⇒ RootCerts

Returns a new instance of RootCerts.

# File 'lib/restclient/windows/root_certs.rb', line 19

def initialize(roots)
  @roots = roots
end

Class Method Details

.instance ⇒ RestClient::Windows::RootCerts

Returns a new instance.

# File 'lib/restclient/windows/root_certs.rb', line 32

def self.instance
  new(self.load_certs)
end

.load_certs ⇒ Array<[OpenSSL::X509::Certificate]>

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns an array of root certificates.

# File 'lib/restclient/windows/root_certs.rb', line 40

def self.load_certs
  certs = []

  # This is based on a patch submitted to openssl:
  # http://www.mail-archive.com/openssl-dev@openssl.org/msg26958.html
  ptr = FFI::Pointer::NULL
  store = CertOpenSystemStoreA(nil, "ROOT")
  begin
    while (ptr = CertEnumCertificatesInStore(store, ptr)) and not ptr.null?
      context = CERT_CONTEXT.new(ptr)
      cert_buf = context[:pbCertEncoded].read_bytes(context[:cbCertEncoded])
      begin
        certs << OpenSSL::X509::Certificate.new(cert_buf)
      rescue => detail
        warn("Failed to import root certificate: #{detail.inspect}")
      end
    end
  ensure
    CertCloseStore(store, 0)
  end

  certs
end

Instance Method Details

#each {|cert| ... } ⇒ Object

Enumerates each root certificate.

Yield Parameters:

• cert (OpenSSL::X509::Certificate) —

  each root certificate

# File 'lib/restclient/windows/root_certs.rb', line 26

def each
  @roots.each {|cert| yield cert}
end