Diffstat (limited to 'vendor/certificate_authority/lib/certificate_authority/key_material.rb')
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/key_material.rb148
1 files changed, 148 insertions, 0 deletions
diff --git a/vendor/certificate_authority/lib/certificate_authority/key_material.rb b/vendor/certificate_authority/lib/certificate_authority/key_material.rb
new file mode 100644
index 0000000..75ec62e
--- /dev/null
+++ b/vendor/certificate_authority/lib/certificate_authority/key_material.rb
@@ -0,0 +1,148 @@
+module CertificateAuthority
+ module KeyMaterial
+ def public_key
+ raise "Required implementation"
+ end
+
+ def private_key
+ raise "Required implementation"
+ end
+
+ def is_in_hardware?
+ raise "Required implementation"
+ end
+
+ def is_in_memory?
+ raise "Required implementation"
+ end
+
+ def self.from_x509_key_pair(pair,password=nil)
+ if password.nil?
+ key = OpenSSL::PKey::RSA.new(pair)
+ else
+ key = OpenSSL::PKey::RSA.new(pair,password)
+ end
+ mem_key = MemoryKeyMaterial.new
+ mem_key.public_key = key.public_key
+ mem_key.private_key = key
+ mem_key
+ end
+
+ def self.from_x509_public_key(public_key_pem)
+ key = OpenSSL::PKey::RSA.new(public_key_pem)
+ signing_request_key = SigningRequestKeyMaterial.new
+ signing_request_key.public_key = key.public_key
+ signing_request_key
+ end
+ end
+
+ class MemoryKeyMaterial
+ include KeyMaterial
+ include ActiveModel::Validations
+
+ attr_accessor :keypair
+ attr_accessor :private_key
+ attr_accessor :public_key
+
+ def initialize
+ end
+
+ validates_each :private_key do |record, attr, value|
+ record.errors.add :private_key, "cannot be blank" if record.private_key.nil?
+ end
+ validates_each :public_key do |record, attr, value|
+ record.errors.add :public_key, "cannot be blank" if record.public_key.nil?
+ end
+
+ def is_in_hardware?
+ false
+ end
+
+ def is_in_memory?
+ true
+ end
+
+ def generate_key(modulus_bits=2048)
+ self.keypair = OpenSSL::PKey::RSA.new(modulus_bits)
+ self.private_key = keypair
+ self.public_key = keypair.public_key
+ self.keypair
+ end
+
+ def private_key
+ @private_key
+ end
+
+ def public_key
+ @public_key
+ end
+ end
+
+ class SigningRequestKeyMaterial
+ include KeyMaterial
+ include ActiveModel::Validations
+
+ validates_each :public_key do |record, attr, value|
+ record.errors.add :public_key, "cannot be blank" if record.public_key.nil?
+ end
+
+ attr_accessor :public_key
+
+ def initialize(request=nil)
+ if request.is_a? OpenSSL::X509::Request
+ raise "Invalid certificate signing request" unless request.verify request.public_key
+ self.public_key = request.public_key
+ end
+ end
+
+ def is_in_hardware?
+ false
+ end
+
+ def is_in_memory?
+ true
+ end
+
+ def private_key
+ nil
+ end
+
+ def public_key
+ @public_key
+ end
+ end
+
+ class SigningRequestKeyMaterial
+ include KeyMaterial
+ include ActiveModel::Validations
+
+ validates_each :public_key do |record, attr, value|
+ record.errors.add :public_key, "cannot be blank" if record.public_key.nil?
+ end
+
+ attr_accessor :public_key
+
+ def initialize(request=nil)
+ if request.is_a? OpenSSL::X509::Request
+ raise "Invalid certificate signing request" unless request.verify request.public_key
+ self.public_key = request.public_key
+ end
+ end
+
+ def is_in_hardware?
+ false
+ end
+
+ def is_in_memory?
+ true
+ end
+
+ def private_key
+ nil
+ end
+
+ def public_key
+ @public_key
+ end
+ end
+end