From 18ffd7efe05e55a3cf907309d5cd8b97aeec61c5 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Sat, 17 Nov 2012 01:28:52 -0800
Subject: added ability to fingerprint x509 certs

---
 lib/leap_cli/util/x509.rb | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 lib/leap_cli/util/x509.rb

(limited to 'lib/leap_cli/util')

diff --git a/lib/leap_cli/util/x509.rb b/lib/leap_cli/util/x509.rb
new file mode 100644
index 0000000..9ecd92d
--- /dev/null
+++ b/lib/leap_cli/util/x509.rb
@@ -0,0 +1,32 @@
+require 'openssl'
+require 'certificate_authority'
+require 'digest'
+require 'digest/md5'
+require 'digest/sha1'
+
+module LeapCli; module X509
+  extend self
+
+  #
+  # returns a fingerprint of a x509 certificate
+  #
+  def fingerprint(digest, cert_file)
+    if cert_file.is_a? String
+      cert = OpenSSL::X509::Certificate.new(Util.read_file!(cert_file))
+    elsif cert_file.is_a? OpenSSL::X509::Certificate
+      cert = cert_file
+    elsif cert_file.is_a? CertificateAuthority::Certificate
+      cert = cert_file.openssl_body
+    end
+    digester = case digest
+      when "MD5" then Digest::MD5.new
+      when "SHA1" then Digest::SHA1.new
+      when "SHA256" then Digest::SHA256.new
+      when "SHA384" then Digest::SHA384.new
+      when "SHA512" then Digest::SHA512.new
+    end
+    digester.hexdigest(cert.to_der)
+  end
+
+
+end; end
-- 
cgit v1.2.3