certstore_c 0.1.3 → 0.1.4
- checksums.yaml +4 -4
- data/example/manage_certstore.rb +13 -0
- data/ext/certstore/certstore.h +1 -0
- data/ext/certstore/certstore_util.c +22 -0
- data/ext/certstore/loader.c +44 -8
- data/lib/certstore/version.rb +1 -1
- metadata +3 -2
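--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: '0910066063e5a1d4bbfeb144a111b6c14f663959aa52eef2e3eed7fa0b024d41'
+data.tar.gz: b964fbfaa33f0a75cbc3df611fa7ea141870f8a2cf5791d4ffa2264067df0567
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5403938369f1e51832e2b299bbb08df72efb5fc7f676b17a92bb7c63836a402480503311b26ed409a07cf4ba2ca5400492c2333b79662cdb47389b4d3971d85d
+data.tar.gz: c04387a545822a2af1c9a6fb1ff2d49dbc92a0eb09cd71e335a320754e7f4418fdc8c715475a951f27eab65d18248e0417b6367e8341a758487896e028fe3b5e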
@@ -0,0 +1,13 @@
|
|
|
1
|
+
require 'socket'
|
|
2
|
+
require 'openssl'
|
|
3
|
+
require 'certstore'
|
|
4
|
+
|
|
5
|
+
cert_store = OpenSSL::X509::Store.new
|
|
6
|
+
loader = Certstore::OpenSSL::Loader.new(cert_store, "Trust", enterprise: true)
|
|
7
|
+
|
|
8
|
+
File.open(File.join(__dir__, "..", "./test/data/ca_cert.pem")) do |file|
|
|
9
|
+
x509_obj = OpenSSL::X509::Certificate.new(file.read)
|
|
10
|
+
thumbprint = OpenSSL::Digest::SHA1.new(x509_obj.to_der).to_s
|
|
11
|
+
loader.add_certificate(file)
|
|
12
|
+
loader.delete_certificate(thumbprint)
|
|
13
|
+
end
|
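Review bot: `loader.delete_certificate(thumbprint)` runs unconditionally, so if this CA certificate was already in the machine's "Trust" store before the script ran, the example removes a certificate it did not add. The loader.c change in this release shows the native add returning `Qfalse` on `CRYPT_E_EXISTS`; assuming `add_certificate` passes that result through, the example could keep the result and clean up only its own entry: `added = loader.add_certificate(file)` followed by `loader.delete_certificate(thumbprint) if added`. `file.read` on the `x509_obj` line has already consumed the IO before `file` is handed to `add_certificate`; whether that matters depends on what the wrapper expects, which is not visible here. A leading comment such as `# Modifies the local-machine enterprise store; run from an elevated prompt on a test machine.` would tell readers what the script touches. The page shows no file header for this hunk; from the diffstat it appears to be the new example/manage_certstore.rb.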
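--- a/data/ext/certstore/certstore.h
+++ b/data/ext/certstore/certstore.h
@@ -21,3 +21,25 @@ wstr_to_mbstr(UINT cp, const WCHAR *wstr, int clen)
 
 return ptr;
 }
+
+TCHAR*
+handle_error_code(VALUE self, DWORD errCode)
+{
+DWORD ret;
+static TCHAR buffer[1024];
+
+ret = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM,
+NULL,
+errCode,
+MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
+buffer,
+sizeof(buffer)/sizeof(buffer[0]),
+NULL);
+
+if (ret) {
+rb_ivar_set(self, rb_intern("@error_code"), INT2NUM(errCode));
+rb_ivar_set(self, rb_intern("@error_message"), rb_utf8_str_new_cstr(buffer));
+}
+
+return buffer;
+}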
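Review bot: `handle_error_code` returns `buffer` even when `FormatMessage` returns 0, so after a failed lookup the caller receives whatever text an earlier call left in the static buffer, and `@error_code`/`@error_message` keep their previous values; clearing it first with `buffer[0] = '\0';` and recording the code regardless of `ret` would avoid reporting a stale message. The call uses `FORMAT_MESSAGE_FROM_SYSTEM` with a NULL argument list but without `FORMAT_MESSAGE_IGNORE_INSERTS`, so a system message containing insert sequences cannot be formatted safely; `FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS` is the usual pair for arbitrary error codes. `buffer` is `TCHAR` but is passed to `rb_utf8_str_new_cstr`, which takes a `char *`, so this presumably only works in a non-UNICODE build; a `char` buffer with `FormatMessageA` would make that explicit. The static buffer also makes the returned pointer shared between all callers, which deserves a comment at the definition. The same `FormatMessage` call appears again in `rb_win_certstore_loader_initialize` in loader.c, and the diffstat suggests this hunk may actually belong to certstore_util.c rather than the header named above it.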
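--- a/data/ext/certstore/loader.c
+++ b/data/ext/certstore/loader.c
@@ -10,6 +10,7 @@
 /* limitations under the License. */
 
 #include <certstore.h>
+#include <tchar.h>
 
 static void certstore_loader_free(void *certstore);
 
@@ -48,6 +49,10 @@ rb_win_certstore_loader_initialize(VALUE self, VALUE store_name, VALUE use_enter
 VALUE vStoreName;
 struct CertstoreLoader *loader;
 DWORD len;
+DWORD errCode;
+TCHAR buffer[1024];
+TCHAR errBuffer[1132];
+DWORD ret;
 
 Check_Type(store_name, T_STRING);
 
@@ -63,6 +68,32 @@ rb_win_certstore_loader_initialize(VALUE self, VALUE store_name, VALUE use_enter
 loader->hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, winStoreName);
 } else {
 loader->hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, winStoreName);
+}
+errCode = GetLastError();
+switch (errCode) {
+case ERROR_SUCCESS:
+break;
+case ERROR_ACCESS_DENIED: {
+ALLOCV_END(vStoreName);
+ret = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM,
+NULL,
+errCode,
+MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
+buffer,
+sizeof(buffer)/sizeof(buffer[0]),
+NULL);
+if (ret) {
+_snprintf_s(errBuffer, 1024, _TRUNCATE,
+"cannot access specified logical store. Perhaps you should do as an administrator. ErrorCode: %d, Message: %s",
+errCode,
+buffer);
+rb_raise(rb_eCertLoaderError, errBuffer);
+}
+}
+default: {
+handle_error_code(self, errCode);
+}
+
 }
 ALLOCV_END(vStoreName);
 
@@ -101,8 +132,9 @@ certificate_context_to_string(PCCERT_CONTEXT pContext)
 certificate = malloc(sizeof(CHAR) * (strlen(utf8str) + strlen(certHeader) + strlen(certFooter)));
 sprintf(certificate, "%s%s%s", certHeader, utf8str, certFooter);
 
-
-
+errCode = GetLastError();
+if (ERROR_SUCCESS != errCode && CRYPT_E_NOT_FOUND != errCode) {
+_snprintf_s(errBuf, 256, _TRUNCATE, "ErrorCode(%d)", errCode);
 
 goto error;
 }
@@ -216,7 +248,7 @@ error:
 
 CertFreeCertificateContext(pContext);
 
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot find certificates with thumbprint(%S)", winThumbprint);
 rb_raise(rb_eCertLoaderError, errBuf);
 }
 
@@ -240,9 +272,10 @@ rb_win_certstore_loader_add_certificate(VALUE self, VALUE rb_der_cert_bin_str)
 
 switch (errCode){
 case CRYPT_E_EXISTS:
+handle_error_code(self, errCode);
 return Qfalse;
 default: {
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot add certificates. ErrorCode: %d", errCode);
 goto error;
 
 }
@@ -306,7 +339,7 @@ error:
 
 CertFreeCertificateContext(pContext);
 
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot find certificates with thumbprint(%S)", winThumbprint);
 rb_raise(rb_eCertLoaderError, errBuf);
 }
 
@@ -350,7 +383,7 @@ rb_win_certstore_loader_export_pfx(VALUE self, VALUE rb_thumbprint, VALUE rb_pas
 &blob,
 pContext);
 if (!pContext) {
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot find certificates with thumbprint(%S)", winThumbprint);
 
 goto error;
 }
@@ -360,14 +393,14 @@ rb_win_certstore_loader_export_pfx(VALUE self, VALUE rb_thumbprint, VALUE rb_pas
 
 pfxPacket.pbData = NULL;
 if (!PFXExportCertStoreEx(hMemoryStore, &pfxPacket, winPassword, NULL, EXPORT_PRIVATE_KEYS | REPORT_NO_PRIVATE_KEY | REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY)) {
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot export pfx certificate with thumbprint(%S)", winThumbprint);
 
 goto error;
 }
 
 pfxPacket.pbData = (LPBYTE)CryptMemAlloc(pfxPacket.cbData);
 if (!PFXExportCertStoreEx(hMemoryStore, &pfxPacket, winPassword, NULL, EXPORT_PRIVATE_KEYS | REPORT_NO_PRIVATE_KEY | REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY)) {
-
+_snprintf_s(errBuf, 256, _TRUNCATE, "Cannot export pfx certificate with thumbprint(%S)", winThumbprint);
 
 CryptMemFree(pfxPacket.pbData);
 
@@ -409,4 +442,7 @@ Init_certstore_loader(VALUE rb_mCertstore)
 rb_define_method(rb_cCertLoader, "delete_cert", rb_win_certstore_loader_delete_certificate, 1);
 rb_define_method(rb_cCertLoader, "add_cert", rb_win_certstore_loader_add_certificate, 1);
 rb_define_method(rb_cCertLoader, "export_pfx", rb_win_certstore_loader_export_pfx, 2);
+
+rb_ivar_set(rb_cCertLoader, rb_intern("@error_code"), INT2NUM(0));
+rb_ivar_set(rb_cCertLoader, rb_intern("@error_message"), rb_utf8_str_new_cstr(""));
 }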
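Review bot: The messages now built with `%S` place `winThumbprint` inside `errBuf`, and the unchanged `rb_raise(rb_eCertLoaderError, errBuf);` lines then use that buffer as the format string, as does the added `rb_raise(rb_eCertLoaderError, errBuffer);` in `rb_win_certstore_loader_initialize`; any `%` in the thumbprint (presumably derived from the caller's `rb_thumbprint`) or in the system message text is parsed as a conversion. Passing the text as an argument closes this: `rb_raise(rb_eCertLoaderError, "%s", errBuf);` and likewise for `errBuffer`. In the initialize hunk `GetLastError()` is read without first checking whether `CertOpenStore` returned NULL, so a stale last-error value from an earlier call can drive the switch although the store opened; wrapping the switch in `if (loader->hStore == NULL)` keeps the error path for real failures. The `ERROR_ACCESS_DENIED` case has no `break`, so when `FormatMessage` returns 0 it falls into `default`; if that is intended a `/* fallthrough */` comment should say so. The `error:` labels and most of the function bodies lie outside the hunks shown.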
data/lib/certstore/version.rb
CHANGED
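--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: certstore_c
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.4
 platform: ruby
 authors:
 - Hiroshi Hatake
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-09-
+date: 2019-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -103,6 +103,7 @@ files:
 - bin/console
 - bin/setup
 - certstore_c.gemspec
+- example/manage_certstore.rb
 - example/open_tls_socket.rb
 - ext/certstore/certstore.c
 - ext/certstore/certstore.h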