ccrypto-ruby 0.1.0 → 0.1.2

data/lib/ccrypto/ruby/engines/rsa_engine.rb

@@ -204,6 +204,15 @@ module Ccrypto
         @config.private_key.private_decrypt(enc, padVal)
       end
 
+      def self.supported_keysizes
+        [
+          Ccrypto::RSAConfig.new(1024, Ccrypto::KeypairConfig::Algo_NotRecommended), 
+          Ccrypto::RSAConfig.new(2048, Ccrypto::KeypairConfig::Algo_Active, true), 
+          Ccrypto::RSAConfig.new(4096), 
+          Ccrypto::RSAConfig.new(8192)
+        ] 
+      end
+
 
 
       #####################

data/lib/ccrypto/ruby/engines/x25519_engine.rb

@@ -0,0 +1,65 @@
+
+require 'x25519'
+
+module Ccrypto
+  module Ruby
+    
+    class X25519PublicKey < Ccrypto::X25519PublicKey
+
+    end
+
+    class X25519KeyBundle
+      include Ccrypto::X25519KeyBundle
+
+      include TR::CondUtils
+
+      include TeLogger::TeLogHelper
+      teLogger_tag :x25519_kb
+
+      def initialize(kp)
+        @nativeKeypair = kp
+      end
+
+      def public_key
+        if @pubKey.nil?
+          @pubKey = X25519PublicKey.new(@nativeKeypair.public_key)
+        end
+        @pubKey
+      end
+
+      def private_key
+        X25519PrivateKey.new(@nativeKeypair)
+      end
+
+      def derive_dh_shared_secret(pubKey)
+        
+        case pubKey
+        when Ccrypto::X25519PublicKey
+          uPubKey = pubKey.native_pubKey
+        else
+          raise KeypairEngineException, "Unknown X25519 public key type '#{pubKey.class}'"
+        end
+
+        @nativeKeypair.diffie_hellman(uPubKey).to_bytes
+      end
+
+    end # X25519KeyBundle
+
+    class X25519Engine
+      include TeLogger::TeLogHelper
+      teLogger_tag :x25519_eng
+
+      def initialize(*args, &block)
+        @config = args.first 
+        teLogger.debug "Config : #{@config}"
+      end
+
+      def generate_keypair(&block)
+        teLogger.debug "Generating X25519 keypair"
+        X25519KeyBundle.new(X25519::Scalar.generate)
+      end
+
+    end
+
+  end
+end

data/lib/ccrypto/ruby/engines/x509_csr_engine.rb

@@ -0,0 +1,128 @@
+
+require 'openssl'
+if OpenSSL::VERSION < "3.0.0"
+
+module PKeyPatch
+  def to_pem; public_key.to_pem end
+  def to_der; public_key.to_der end
+
+  #private
+  def public_key
+    key = ::OpenSSL::PKey::EC.new group
+    key.public_key = self
+    key
+  end
+end
+OpenSSL::PKey::EC::Point.prepend PKeyPatch
+
+end
+
+module Ccrypto
+  module Ruby
+    class X509CSREngine
+      include TR::CondUtils
+
+      include TeLogger::TeLogHelper
+      teLogger_tag :r_csr
+
+      def initialize(csrProfile)
+        @csrProfile = csrProfile
+      end
+
+      def generate(privKey, &block)
+
+        cp = @csrProfile
+        csr = OpenSSL::X509::Request.new
+        csr.version = 0
+        csr.subject = to_subject(cp)
+
+        case cp.public_key
+        when Ccrypto::PublicKey
+          pubKey = cp.public_key.native_pubKey
+        else
+          raise X509CSREngineException, "Public key type '#{cp.public_key.class}' is not supported"
+        end
+
+        if pubKey.is_a?(OpenSSL::PKey::EC::Point)
+          # ECC patch
+          pub = OpenSSL::PKey::EC.new(pubKey.group)
+          pub.public_key = pubKey
+          csr.public_key = pub
+        elsif pubKey.is_a?(String)
+          pub = OpenSSL::PKey::EC.new(pubKey)
+          csr.public_key = pub
+        else
+          csr.public_key = pubKey
+        end
+
+        exts = []
+        exts << OpenSSL::X509::ExtensionFactory.new.create_extension('subjectAltName', "email:#{cp.email.join(",email:")}") if not_empty?(cp.email)
+        exts << OpenSSL::X509::ExtensionFactory.new.create_extension('subjectAltName', "IP:#{cp.ip_addr.join(",IP:")}") if not_empty?(cp.ip_addr)
+        exts << OpenSSL::X509::ExtensionFactory.new.create_extension('subjectAltName', "DNS:#{cp.dns_name.join(",DNS:")}") if not_empty?(cp.dns_name)
+        exts << OpenSSL::X509::ExtensionFactory.new.create_extension('subjectAltName', "URI:#{cp.uri.join(",URI:")}") if not_empty?(cp.uri)
+
+        if not_empty?(cp.custom_extension) and cp.custom_extension.is_a?(Hash)
+          teLogger.debug "custom extension"
+          cp.custom_extension.each do |k,v|
+            case v[:type]
+            when :string 
+              exts << OpenSSL::X509::Extension.new(k, OpenSSL::ASN1::OctetString.new(v[:value]), v[:critical])
+            else
+              raise X509CSREngineException, "Unsupported custom extension type #{v[:type]}"
+            end
+          end
+        end
+
+
+        attrVal = OpenSSL::ASN1::Set [OpenSSL::ASN1::Sequence(exts)]
+        csr.add_attribute OpenSSL::X509::Attribute.new('extReq', attrVal)
+        csr.add_attribute OpenSSL::X509::Attribute.new('msExtReq', attrVal)
+
+        if not_empty?(cp.additional_attributes) and cp.additional_attributes.is_a?(Hash)
+          teLogger.debug "addtinal attributes"
+          cp.additional_attributes.each do |k,v|
+            case v[:type]
+            when :string
+              csr.add_attribute OpenSSL::X509::Attribute.new(k, OpenSSL::ASN1::Set.new([OpenSSL::ASN1::OctetString.new(v[:value])]))
+            else
+              raise X509CSREngineException, "Unknown additional attribute type #{v[:type]}"
+            end
+          end
+        end
+       
+
+        case privKey
+        when Ccrypto::KeyBundle
+          pkey = privKey.private_key.native_privKey
+        when Ccrypto::PrivateKey
+          pkey = privKey.native_privKey
+        else
+          raise X509CSREngineException, "Unsupported signing key #{privKey}"
+        end
+        
+        gcsr = csr.sign(pkey, DigestEngine.instance(cp.hashAlgo).native_instance)
+
+        Ccrypto::X509CSR.new(gcsr)
+
+      end
+
+      private
+      def to_subject(csrProf)
+        res = []
+        res << ["CN", csrProf.owner_name]
+        res << ["O", csrProf.org] if not_empty?(csrProf.org)
+        csrProf.org_unit.each do |ou|
+          res << ["OU", ou]
+        end
+
+        e = csrProf.email.first
+        if not_empty?(e)
+          res << ["emailAddress", e]
+        end
+
+        OpenSSL::X509::Name.new(res)
+      end
+
+    end
+  end
+end

data/lib/ccrypto/ruby/engines/x509_engine.rb

@@ -15,10 +15,29 @@ module Ccrypto
       def generate(issuerKey, &block)
 
         cp = @certProfile
+
+        if not_empty?(cp.csr)
+          teLogger.debug "Given cert profile with CSR"
+          generate_from_csr(cp, issuerKey, &block)
+        else
+          teLogger.debug "Given cert profile with user values"
+          generate_from_cert_profile(cp, issuerKey, &block)
+        end
+
+      end
+
+      def generate_from_cert_profile(cp, issuerKey, &block)
+
         cert = OpenSSL::X509::Certificate.new
         cert.version = 2
-        cert.serial = OpenSSL::BN.new(cp.serial, 16)
-        cert.subject = to_cert_subject
+        if is_empty?(cert.serial)
+          raise X509EngineException, "Certificate serial no and block is both not given. " if not block
+          serial = block.call(:cert_serial)
+          cert.serial = OpenSSL::BN.new(serial, 16)
+        else
+          cert.serial = OpenSSL::BN.new(cp.serial, 16)
+        end
+        cert.subject = to_cert_subject(cp)
 
         ext = OpenSSL::X509::ExtensionFactory.new
         ext.subject_certificate = cert
@@ -55,11 +74,24 @@ module Ccrypto
           pub = OpenSSL::PKey::EC.new(pubKey.group)
           pub.public_key = pubKey
           cert.public_key = pub
+
+        elsif pubKey.is_a?(String)
+          # Changes for OpenSSL v3/Ruby v3
+          # native_pubKey is no longer object, will be a binary string instead
+          pub = OpenSSL::PKey::EC.new(pubKey)
+          cert.public_key = pub
+
         else
           cert.public_key = pubKey
         end
 
-        cert.add_extension(ext.create_extension("basicConstraints","CA:TRUE",true)) if cp.gen_issuer_cert?
+        if cp.gen_issuer_cert?
+          spec = []
+          spec << "CA:TRUE"
+          spec << "pathlen:#{cp.issuer_path_len}" if not_empty?(cp.issuer_path_len)
+          cert.add_extension(ext.create_extension("basicConstraints",spec.join(","),true))
+        end
+
         cert.add_extension(ext.create_extension("subjectKeyIdentifier","hash")) if cp.gen_subj_key_id?
         cert.add_extension(ext.create_extension("authorityKeyIdentifier","keyid:always,issuer:always")) if cp.gen_auth_key_id?
 
@@ -112,6 +144,11 @@ module Ccrypto
         cert.add_extension(ext.create_extension("subjectAltName","IP:#{cp.ip_addr.join(",IP:")}",false)) if not_empty?(cp.ip_addr)
         cert.add_extension(ext.create_extension("subjectAltName","URI:#{cp.uri.join(",URI:")}",false)) if not_empty?(cp.uri)
 
+        cp.custom_extension.each do |k,v|
+          cert.add_extension(OpenSSL::X509::Extension.new(k, v[:value], v[:critical]))
+        end
+
+
         # try to sync the structure with Java BC output
         # whereby single name = multiple URI however failed
         # If single format is required need more R&D
@@ -134,6 +171,17 @@ module Ccrypto
         aia << "caIssuers;URI:#{cp.issuer_url.join(",caIssuers;URI:")}" if not_empty?(cp.issuer_url)
         cert.add_extension(ext.create_extension("authorityInfoAccess",aia.join(","),false)) if not_empty?(aia)
 
+        if not_empty?(cp.custom_extension) and cp.custom_extension.is_a?(Hash)
+          teLogger.debug "custom extension"
+          cp.custom_extension.each do |k,v|
+            case v[:type]
+            when :string 
+              cert.add_extension OpenSSL::X509::Extension.new(k, OpenSSL::ASN1::OctetString.new(v[:value]), v[:critical])
+            else
+              raise X509CSREngineException, "Unsupported custom extension type #{v[:type]}"
+            end
+          end
+        end
 
         case issuerKey
         when Ccrypto::KeyBundle
@@ -147,19 +195,171 @@ module Ccrypto
         res = cert.sign(privKey, DigestEngine.instance(cp.hashAlgo).native_instance)
 
         Ccrypto::X509Cert.new(res)
+        
+      end
+
+      def generate_from_csr(cp, issuerKey, &block)
+
+        csrObj = Ccrypto::X509CSR.new(cp.csr)
+        csrCp = csrObj.csr_info
+
+        cp.public_key = csrCp.public_key
+
+        cert = OpenSSL::X509::Certificate.new
+        cert.version = 2
+        if is_empty?(cert.serial)
+          serial = block.call(:cert_serial) if block
+          raise X509EngineException, "No serial number is given for the certificate" if is_empty?(serial)
+          cert.serial = OpenSSL::BN.new(serial, 16)
+        else
+          cert.serial = OpenSSL::BN.new(cp.serial, 16)
+        end
+
+        # allow external to add or edit parsed info before convert into actual certificate
+        csrCp = block.call(:verify_csr_info, csrCp) if block
+
+        cert.subject = to_cert_subject(csrCp)
+
+        ext = OpenSSL::X509::ExtensionFactory.new
+        ext.subject_certificate = cert
+
+        iss = cp.issuer_cert
+        iss = iss.nativeX509 if iss.is_a?(Ccrypto::X509Cert)
+
+        if not_empty?(iss) 
+          raise X509EngineException, "Issuer certificate must be X509 Certificate object" if not iss.is_a?(OpenSSL::X509::Certificate)
+          cert.issuer = iss.subject
+          ext.issuer_certificate = iss
+
+          cp.match_issuer_not_before(iss.not_before)
+          cp.match_issuer_not_after(iss.not_after)
+
+        else
+          cert.issuer = cert.subject
+          ext.issuer_certificate = cert
+        end
+
+        cert.not_before = cp.not_before 
+        cert.not_after = cp.not_after
+
+        case csrCp.public_key
+        when Ccrypto::PublicKey
+          pubKey = csrCp.public_key.native_pubKey
+        when OpenSSL::PKey::EC, OpenSSL::PKey::RSA
+          pubKey = csrCp.public_key
+        else
+          raise X509EngineException, "Public key type '#{csrCp.public_key.class}' is not supported"
+        end
+
+        if pubKey.is_a?(OpenSSL::PKey::EC::Point)
+          # ECC patch
+          pub = OpenSSL::PKey::EC.new(pubKey.group)
+          pub.public_key = pubKey
+          cert.public_key = pub
+        else
+          cert.public_key = pubKey
+        end
+
+
+        if cp.gen_issuer_cert?
+          spec = []
+          spec << "CA:TRUE"
+          spec << "pathlen:#{cp.issuer_path_len}" if not_empty?(cp.issuer_path_len)
+          cert.add_extension(ext.create_extension("basicConstraints",spec.join(","),true))
+        end
+
+        #cert.add_extension(ext.create_extension("basicConstraints","CA:TRUE,pathlen:0",true)) if cp.gen_issuer_cert?
+        cert.add_extension(ext.create_extension("subjectKeyIdentifier","hash")) if cp.gen_subj_key_id?
+        cert.add_extension(ext.create_extension("authorityKeyIdentifier","keyid:always,issuer:always")) if cp.gen_auth_key_id?
+
+        #cert.add_extension(ext.create_extension("keyUsage",to_keyusage,true))
+        cp.key_usage.selected.each do |ku,critical|
+          teLogger.debug "Setting KeyUsage : #{ku} (#{critical})"
+          case ku
+          when :crlSign
+            cert.add_extension(ext.create_extension("keyUsage","cRLSign",critical))
+          else
+            cert.add_extension(ext.create_extension("keyUsage",ku.to_s,critical))
+          end
+        end
 
+       
+        #extKeyUsage = to_extkeyusage
+        extKeyUsage = []
+        cp.ext_key_usage.selected.each do |ku,critical|
+          case ku
+          when :allPurpose
+            #kur << :anyExtendedKeyUsage
+            cert.add_extension(ext.create_extension("extendedKeyUsage","anyExtendedKeyUsage",critical)) 
+          when :timestamping
+            #kur << :timeStamping
+            cert.add_extension(ext.create_extension("extendedKeyUsage","timeStamping",critical)) 
+          when :ocspSigning
+            #kur << :oCSPSigning
+            cert.add_extension(ext.create_extension("extendedKeyUsage","oCSPSigning",critical)) 
+          when :ipSecIKE
+            #kur << :ipsecIKE
+            cert.add_extension(ext.create_extension("extendedKeyUsage","ipsecIKE",critical)) 
+          when :msCtlsign
+            #kur << :msCTLSign
+            cert.add_extension(ext.create_extension("extendedKeyUsage","msCTLSign",critical)) 
+          when :msEFS
+            #kur << :msEfs
+            cert.add_extension(ext.create_extension("extendedKeyUsage","msEfs",critical)) 
+          else
+            #kur << ku
+            cert.add_extension(ext.create_extension("extendedKeyUsage",ku.to_s,critical)) 
+          end
+        end
+
+        cp.domain_key_usage.each do |dku, critical|
+          cert.add_extension(ext.create_extension("extendedKeyUsage",dku.to_s,critical)) 
+        end
+
+        cert.add_extension(ext.create_extension("subjectAltName","email:#{csrCp.email.uniq.join(",email:")}",false)) if not_empty?(csrCp.email)
+        cert.add_extension(ext.create_extension("subjectAltName","DNS:#{csrCp.dns_name.uniq.join(",DNS:")}",false)) if not_empty?(csrCp.dns_name)
+        cert.add_extension(ext.create_extension("subjectAltName","IP:#{csrCp.ip_addr.uniq.join(",IP:")}",false)) if not_empty?(csrCp.ip_addr)
+        cert.add_extension(ext.create_extension("subjectAltName","URI:#{csrCp.uri.uniq.join(",URI:")}",false)) if not_empty?(csrCp.uri)
+
+        csrCp.custom_extension.each do |k,v|
+          cert.add_extension(OpenSSL::X509::Extension.new(k, v[:value], v[:critical]))
+        end
+
+        cert.add_extension(ext.create_extension("crlDistributionPoints","URI:#{cp.crl_dist_point.join(",URI:")}",false)) if not_empty?(cp.crl_dist_point)
+
+        aia = []
+        aia << "OCSP;URI:#{cp.ocsp_url.join(",OCSP;URI:")}" if not_empty?(cp.ocsp_url)
+        aia << "caIssuers;URI:#{cp.issuer_url.join(",caIssuers;URI:")}" if not_empty?(cp.issuer_url)
+        cert.add_extension(ext.create_extension("authorityInfoAccess",aia.join(","),false)) if not_empty?(aia)
+
+
+        case issuerKey
+        when Ccrypto::KeyBundle
+          privKey = issuerKey.private_key.native_privKey
+        when Ccrypto::PrivateKey
+          privKey = issuerKey.native_privKey
+        else
+          raise X509EngineException, "Unsupported issuer key #{issuerKey}"
+        end
+
+        res = cert.sign(privKey, DigestEngine.instance(cp.hashAlgo).native_instance)
+
+        Ccrypto::X509Cert.new(res)
+        
       end
 
       private
-      def to_cert_subject
+      def to_cert_subject(cp)
         res = []
-        res << ["CN", @certProfile.owner_name]
-        res << ["O", @certProfile.org] if not_empty?(@certProfile.org)
-        @certProfile.org_unit.each do |ou|
+        res << ["CN", cp.owner_name]
+        res << ["O", cp.org] if not_empty?(cp.org)
+        cp.org_unit.each do |ou|
           res << ["OU", ou]
         end
+        res << ["L", cp.locality] if not_empty?(cp.locality)
+        res << ["C", cp.country] if not_empty?(cp.country)
 
-        e = @certProfile.email.first
+        e = cp.email.first
         if not_empty?(e)
           res << ["emailAddress", e]
         end

data/lib/ccrypto/ruby/ext/x509_csr.rb

@@ -0,0 +1,153 @@
+
+
+module Ccrypto
+  class X509CSR
+    include TR::CondUtils
+
+    include TeLogger::TeLogHelper
+    teLogger_tag :r_csr
+
+    def initialize(csr)
+      @nativeCSR = csr
+    end
+
+    def to_bin
+      @nativeCSR.to_der
+    end
+
+    def equal?(csr)
+      if not_empty?(csr)
+        case csr
+        when String
+          @nativeCSR.to_der == csr
+        when OpenSSL::X509::Request
+          @nativeCSR.to_der == csr.to_der
+        when Ccrypto::X509CSR
+          @nativeCSR.to_der == csr.to_bin
+        else
+          raise X509CSRException, "Unknown CSR type #{csr.class}"
+        end
+      else 
+        @nativeCSR == csr
+      end
+    end
+
+    def method_missing(mtd, *args, &block)
+      @nativeCSR.send(mtd, *args, &block)
+    end
+
+    def csr_info
+      if @csrInfo.nil?
+        @csrInfo = parseCSR(@nativeCSR)
+      end
+      @csrInfo
+    end
+
+    def parseCSR(csrBin)
+
+      case csrBin
+      when String
+        csr = OpenSSL::X509::Request.new(csrBin)
+      when Ccrypto::X509CSR
+        csr = csrBin.nativeCSR
+      else
+        raise X509CSREngineException, "Unknown CSR to parse #{csrBin}"
+      end
+
+      raise X509CSRSignatureInvalid, "CSR signature is not valid!" if not csr.verify(csr.public_key)
+
+      certProf = Ccrypto::X509::CertProfile.new
+
+      csr.subject.to_a.each do |k,v,a|
+        case k
+        when "CN"
+          certProf.owner_name = v
+        when "O"
+          certProf.org = v
+        when "OU"
+          certProf.org_unit = v
+        when "emailAddress"
+          certProf.email = v
+        end
+      end
+
+      certProf.public_key = csr.public_key 
+      csr.attributes.each do |att|
+        teLogger.debug "Processing attribute ID #{att.oid}"
+        #p att.oid
+        #p att.value
+
+        att.value.each do |v|
+          case v
+          when OpenSSL::ASN1::Sequence
+            v.value.each do |vv|
+              #p vv.value[0]
+              #p vv.value[1]
+              tv = OpenSSL::ASN1.decode(vv.value[1].value)
+              case tv
+              when OpenSSL::ASN1::Sequence
+                tvv = tv.to_a
+                tvv.each do |tt|
+                  case tt.tag
+                  when 1
+                    # email
+                    certProf.email = tt.value
+                  when 2
+                    # dns
+                    certProf.dns_name = tt.value
+                  when 6
+                    # uri
+                    certProf.uri = tt.value
+                  when 7
+                    # ip address
+                    v = tt.value
+                    case v.size
+                    when 4
+                      ip = v.unpack('C*').join('.')
+                    when 6
+                      ip = v.unpack('n*').map { |o| sprintf("%X", o) }.join(':')
+                    else
+                      raise X509EngineException, "Neither IPv4 or IPv6 is given as IP address attributes"
+                    end
+                    certProf.ip_addr = ip
+
+                  else
+                    raise X509EngineException, "Unsupported CSR attributes value #{tt.tag}"
+                  end
+                  #p tt.tag
+                  #p tt.value
+                end
+
+              when OpenSSL::ASN1::OctetString
+                ## custom extension
+
+                certProf.custom_extension[vv.value[0].value] = { value: vv.value[1].value, type: :string, critical: false }
+                #cert.add_extension(OpenSSL::X509::Extension.new(vv.value[0].value,vv.value[1].value, false))
+
+              else
+                teLogger.error "Unsupported extension type #{tv.class} in target CSR"
+                #raise X509EngineException, "Unknown extension type #{tv.class}"
+              end
+            end
+
+          when OpenSSL::ASN1::OctetString
+          #  ## custom attributes
+          #  cert.add_extension(OpenSSL::X509::Extension.new(att.oid,v.value, false))
+
+          #  certProf.custom_attributes[att.oid] = { value: v.value, type: :string }
+            certProf.custom_extension[att.oid] = { value: v.value, type: :string, critical: false }
+
+          else
+            #raise X509EngineException, "Given attribute #{att.oid} has value of type #{v.class}. Not able to handle"
+            teLogger.error "Given attribute #{att.oid} has value of type #{v.class}. Not able to handle"
+          end
+        end
+
+      end
+
+      certProf
+
+    end
+
+  end
+end

data/lib/ccrypto/ruby/keybundle_store/pem_store.rb

@@ -34,7 +34,7 @@ module Ccrypto
             ECCKeyBundle.new(pKey)
           rescue OpenSSL::PKey::PKeyError => ex
             raise PEMStoreException, "block is required" if not block
-            pass = block.call(:pem_pass)
+            pass = block.call(:store_pass)
             begin
               pKey = OpenSSL::PKey.read(input, pass)
               ECCKeyBundle.new(pKey)
@@ -51,8 +51,8 @@ module Ccrypto
 
       def to_pem(&block)
         raise PEMStoreException, "Block is required" if not block
-        kcipher = block.call(:pem_cipher) 
-        kpass = block.call(:pem_pass)
+        kcipher = block.call(:store_cipher) 
+        kpass = block.call(:store_pass)
 
         kcipher = "AES-256-GCM" if is_empty?(kcipher)
 

data/lib/ccrypto/ruby/keybundle_store/pkcs12.rb

@@ -11,6 +11,7 @@ module Ccrypto
       class PKCS12StoreException < KeyBundleStorageException; end
 
       module ClassMethods
+
         def from_pkcs12(input, &block)
           raise PKCS12StoreException, "Input cannot be empty" if is_empty?(input) 
 
@@ -19,14 +20,14 @@ module Ccrypto
           inForm = block.call(:in_format)
           case inForm
           when :b64
-            inp = from_b64(bin)
+            inp = from_b64(input)
           when :hex
-            inp = from_hex(bin)
+            inp = from_hex(input)
           else
             inp = input
           end
 
-          pass = block.call(:p12_pass)
+          pass = block.call(:store_pass)
           raise PKCS12StoreException, "Password cannot be empty" if is_empty?(pass)
 
           begin
@@ -80,10 +81,10 @@ module Ccrypto
           end
         end
 
-        pass = block.call(:p12_pass)
+        pass = block.call(:store_pass) 
         raise PKCS12StoreException, "Password is required" if is_empty?(pass)
 
-        name = block.call(:p12_name)
+        name = block.call(:key_name)
         name = "Ccrypto KeyBundle" if is_empty?(name)
 
         keypair = block.call(:keypair)

data/lib/ccrypto/ruby/version.rb

@@ -2,6 +2,6 @@
 
 module Ccrypto
   module Ruby
-    VERSION = "0.1.0"
+    VERSION = "0.1.2"
   end
 end