omf_common 6.0.2.pre.2 → 6.0.2

data/lib/omf_common/exec_app.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 #
 # Copyright (c) 2006-2012 National ICT Australia (NICTA), Australia
 #
@@ -36,25 +41,28 @@ class ExecApp
   # Holds the pids for all active apps
   @@all_apps = Hash.new
 
-  # True if this active app is being killed by a proper
-  # call to ExecApp.signal_all() or signal()
-  # (i.e. when the caller of ExecApp decided to stop the application,
-  # as far as we are concerned, this is a 'clean' exit)
-  @clean_exit = false
-
   # Return an application instance based on its ID
   #
   # @param [String] id of the application to return
-  def ExecApp.[](id)
+  def self.[](id)
     app = @@all_apps[id]
     logger.info "Unknown application '#{id}/#{id.class}'" if app.nil?
     return app
   end
 
-  def ExecApp.signal_all(signal = 'KILL')
+  def self.signal_all(signal = 'KILL')
     @@all_apps.each_value { |app| app.signal(signal) }
   end
 
+  attr_reader :pid, :clean_exit
+  
+  # True if this active app is being killed by a proper
+  # call to ExecApp.signal_all() or signal()
+  # (i.e. when the caller of ExecApp decided to stop the application,
+  # as far as we are concerned, this is a 'clean' exit)
+  @clean_exit = false
+
+
   def stdin(line)
     logger.debug "Writing '#{line}' to app '#{@id}'"
     @stdin.write("#{line}\n")
@@ -63,9 +71,10 @@ class ExecApp
 
   def signal(signal = 'KILL')
     @clean_exit = true
-    Process.kill(signal, @pid)
+    Process.kill(signal, -1 * @pid) # we are sending to the entire process group
   end
 
+
   #
   # Run an application 'cmd' in a separate thread and monitor
   # its stdout. Also send status reports to the 'observer' by
@@ -78,9 +87,9 @@ class ExecApp
   #
   def initialize(id, cmd, map_std_err_to_out = false, working_directory = nil, &observer)
 
-    @id = id
+    @id = id || self.object_id
     @observer = observer
-    @@all_apps[id] = self
+    @@all_apps[@id] = self
     @exit_status = nil
     @threads = []
 
@@ -88,8 +97,9 @@ class ExecApp
     pr = IO::pipe
     pe = IO::pipe
 
-    logger.debug "Starting application '#{id}' - cmd: '#{cmd}'"
-    @observer.call(:STARTED, id, cmd)
+    logger.debug "Starting application '#{@id}' - cmd: '#{cmd}'"
+    #@observer.call(:STARTED, id, cmd)
+    call_observer(:STARTED, cmd)
     @pid = fork {
       # child will remap pipes to std and exec cmd
       pw[1].close
@@ -105,6 +115,9 @@ class ExecApp
       pe[1].close
 
       begin
+        pgid = Process.setsid # Create a new process group 
+                              # which includes all potential child processes
+        STDOUT.puts "INTERNAL WARNING: Assuming process_group_id == pid" unless pgid == $$ 
         Dir.chdir working_directory if working_directory
         exec(cmd)
       rescue => ex
@@ -124,12 +137,15 @@ class ExecApp
     @threads << Thread.new(id, @pid) do |id, pid|
       ret = Process.waitpid(pid)
       @exit_status = $?.exitstatus
+      if @exit_status > 127 
+        @exit_status = 128 - @exit_status
+      end
       @@all_apps.delete(@id)
       # app finished
       if (@exit_status == 0) || @clean_exit
-        logger.debug "Application '#{id}' finished"
+        logger.debug "Application '#{@id}' finished"
       else
-        logger.debug "Application '#{id}' failed (code=#{@exit_status})"
+        logger.debug "Application '#{@id}' failed (code=#{@exit_status})"
       end
     end
     @stdin = pw[1]
@@ -137,13 +153,9 @@ class ExecApp
     # wait for done in yet another thread
     Thread.new do
       @threads.each {|t| t.join }
-      if (@exit_status == 0) || @clean_exit
-        s = "OK"
-      else
-        s = "ERROR"
-      end
-      @observer.call("DONE.#{s}", @id, "status: #{@exit_status}")
+      call_observer("EXIT", @exit_status)
     end
+    logger.debug "Application is running with PID #{@pid}"
   end
     
   private
@@ -160,12 +172,10 @@ class ExecApp
       begin
         while true do
           s = pipe.readline.chomp
-          #puts "#{name}: #{s}"
-          @observer.call(name.to_s.upcase, @id, s)
+          call_observer(name.to_s.upcase, s)
         end
       rescue EOFError
         # do nothing
-        #puts "++++ STOP MONITORING #{name}"
       rescue  => err
         logger.error "monitorApp(#{@id}): #{err}"
         logger.debug "#{err}\n\t#{err.backtrace.join("\n\t")}"
@@ -174,4 +184,14 @@ class ExecApp
       end
     end
   end
+  
+  def call_observer(event_type, msg)
+    return unless @observer
+    begin
+      @observer.call(event_type, @id, msg)
+    rescue Exception => ex
+      logger.warn "Exception while calling observer '#{@observer}': #{ex}"
+      logger.debug "#{ex}\n\t#{ex.backtrace.join("\n\t")}"
+    end
+  end
 end

data/lib/omf_common/key.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 require 'openssl'
 require 'singleton'
 

data/lib/omf_common/measure.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 require 'oml4r'
 module OmfCommon
   class Measure

data/lib/omf_common/message.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 module OmfCommon
 
   class MPMessage < OML4R::MPBase

data/lib/omf_common/message/json/json_message.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 
 require 'json'
 require 'omf_common/auth'
@@ -18,10 +23,13 @@ module OmfCommon
 
         def self.create(type, properties, body = {})
           if type == :request
-            unless properties.kind_of?(Array)
+            unless (req_props = properties).kind_of?(Array)
               raise "Expected array, but got #{properties.class} for request message"
             end
-            properties = {select: properties}
+            #properties = {select: properties}
+            properties = {}
+            req_props.each {|n| properties[n] = nil }
+            
           elsif not properties.kind_of?(Hash)
             raise "Expected hash, but got #{properties.class}"
           end
@@ -89,8 +97,8 @@ module OmfCommon
               return nil
             end
 
-            unless cert.verify_cert
-              warn "JWT: Invalid certificate '#{cert.to_s}', NOT signed by root certificate."
+            unless OmfCommon::Auth::CertificateStore.instance.verify(cert)
+              warn "JWT: Invalid certificate '#{cert.to_s}', NOT signed by CA certs, or its CA cert NOT loaded into cert store."
             end
 
             #puts ">>> #{cert.to_x509.public_key}::#{signature_base_string}"
@@ -170,7 +178,7 @@ module OmfCommon
           #puts "MARSHALL: #{@content.inspect} - #{@properties.to_hash.inspect}"
           raise "Missing SRC declaration in #{@content}" unless @content[:src]
           if @content[:src].is_a? OmfCommon::Comm::Topic
-            @content[:src] = @content[:src].id
+            @content[:src] = @content[:src].address
           end
           #raise 'local/local' if @content[:src].id.match 'local:/local'
           #puts @content.inspect

data/lib/omf_common/message/xml/message.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 require 'niceogiri'
 require 'hashie'
 require 'securerandom'
@@ -71,8 +76,13 @@ class XML
               cert = OmfCommon::Auth::CertificateStore.instance.cert_for(iss)
             end
 
-            unless cert.verify_cert
-              warn "Invalid certificate '#{cert.to_s}', NOT signed by root certificate."
+            if cert.nil?
+              warn "Missing certificate of '#{iss}'"
+              return nil
+            end
+
+            unless OmfCommon::Auth::CertificateStore.instance.verify(cert)
+              warn "Invalid certificate '#{cert.to_s}', NOT signed by CA certs, or its CA cert NOT loaded into cert store."
               return nil
             end
 
@@ -83,6 +93,11 @@ class XML
               return nil
             end
           end
+        else
+          if self.authenticate?
+            debug "Message not signed: '#{xml}'"
+            return nil
+          end
         end
 
         parsed_msg = self.create(xml_node.name.to_sym).tap do |message|
@@ -158,7 +173,7 @@ class XML
           #end
           ['text/xml', @envelope]
         else
-          error "Missing cert for #{src}"
+          error "Missing cert for #{src}. Auth turned on but could not locate a proper cert."
           ['text/xml', nil]
         end
       else
@@ -328,7 +343,7 @@ class XML
 
     # Reconstruct xml node into Ruby object
     #
-    # @param [Niceogiri::XML::Node] property xml node
+    # @param [Niceogiri::XML::Node] node xml node
     # @return [Object] the content of the property, as string, integer, float, or mash(hash with indifferent access)
     def reconstruct_data(node, data_binding = nil)
       node_type =  node.attr('type')

data/lib/omf_common/message/xml/relaxng_schema.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 require 'singleton'
 
 module OmfCommon

data/lib/omf_common/message/xml/topic_message.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 # module OmfCommon
   # class TopicMessage
     # attr_accessor :body, :comm

data/lib/omf_common/version.rb

@@ -1,4 +1,9 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 module OmfCommon
-  VERSION = "6.0.2.pre.2"
+  VERSION = "6.0.2"
   PROTOCOL_VERSION = "6.0"
 end

data/omf_common.gemspec

@@ -27,11 +27,12 @@ Gem::Specification.new do |s|
   s.add_development_dependency "pry"
   s.add_development_dependency "mocha"
 
-  s.add_runtime_dependency "eventmachine", "~> 0.12.10"
-  s.add_runtime_dependency "blather", "= 0.8.1"
+  s.add_runtime_dependency "eventmachine", "= 1.0.3"
+  s.add_runtime_dependency "blather", "= 0.8.4"
   s.add_runtime_dependency "logging", "~> 1.7.1"
   s.add_runtime_dependency "hashie", "~> 1.2.0"
   s.add_runtime_dependency "oml4r", "~> 2.9.1"
+  s.add_runtime_dependency "json", "~> 1.7.7"
   #s.add_runtime_dependency "json-jwt", "~> 0.5.2"
   #s.add_runtime_dependency "amqp", "~> 1.0.1"
 end

data/test/fixture/1st_level.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDBDCCAm2gAwIBAgIJANcH4kPmdM2jMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEOMAwGA1UEChMF
+TklDVEExEDAOBgNVBAMTB1JPT1QgQ0ExEDAOBgkqhkiG9w0BCQEWASAwHhcNMTMw
+NTAxMDg0NTU3WhcNMjMwNDI5MDg0NTU3WjBgMQswCQYDVQQGEwJBVTEMMAoGA1UE
+CBMDTlNXMQ8wDQYDVQQHEwZTeWRuZXkxDjAMBgNVBAoTBU5JQ1RBMRAwDgYDVQQD
+EwdST09UIENBMRAwDgYJKoZIhvcNAQkBFgEgMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQC28Im2u+pQCSJhArXolkQ6GP1RixNqZ09wRxY9Gwps1Fj7KJu+q5GF
+ZloNLAip9W9L51hEPnyaNduj295d5c3uyRyzlsn+031c5LjwXPplZuu+xgd2AuZs
+tsD+CodVLqyidl5VWwHk4rVpyhaOfvWmn/ZuC2hUybxvZOOjKXeV+wIDAQABo4HF
+MIHCMB0GA1UdDgQWBBSHx/Xp8sLIr7c9W+IUOBwTX2vqkTCBkgYDVR0jBIGKMIGH
+gBSHx/Xp8sLIr7c9W+IUOBwTX2vqkaFkpGIwYDELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MQ4wDAYDVQQKEwVOSUNUQTEQMA4GA1UE
+AxMHUk9PVCBDQTEQMA4GCSqGSIb3DQEJARYBIIIJANcH4kPmdM2jMAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAh6YSg5nJlepenAY/a8sRNV1p74QYIwpq
+E7yTYdnodxUwFz3oMob1a/Eiub+G9ftYgzalygefeVONfpJ60vtJIRCtV40zMdoW
+Y/K+olrL3UOSF06ygwuTSOz57W90tTNhSzZL/rYh1RG+D51ArfLRfLyMIgBQ+1Xj
+JV0hI92Bt18=
+-----END CERTIFICATE-----
+

data/test/fixture/2nd_level.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDATCCAmqgAwIBAgIBATANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEM
+MAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZTeWRuZXkxDjAMBgNVBAoTBU5JQ1RBMRAw
+DgYDVQQDEwdST09UIENBMRAwDgYJKoZIhvcNAQkBFgEgMB4XDTEzMDUwMTA4NDYz
+M1oXDTE2MDQzMDA4NDYzM1owZTELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEP
+MA0GA1UEBxMGU3lkbmV5MQ4wDAYDVQQKEwVOSUNUQTEVMBMGA1UEAxMMU0lHTklO
+RyBDQSAxMRAwDgYJKoZIhvcNAQkBFgEgMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDsJub6FR+Ogyt6ixzLLBqNij3CQLG2ABMpyan+S2Dj+6GrCTz7JRzWA2hv
+IqBVwDu0TLLhooDo9RUmaElu8rNDqRgjQX5mMEyiMORwLYZrPlZ6dLLvQ6ueU884
+7tbAal4t6IT+rrE4LGKqi8SbI8oDbJVpoyrRiUtqn4T/ooUuPQIDAQABo4HFMIHC
+MB0GA1UdDgQWBBTbIoyq6tp5SZiP0i6LsbNM6ksyyjCBkgYDVR0jBIGKMIGHgBSH
+x/Xp8sLIr7c9W+IUOBwTX2vqkaFkpGIwYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgT
+A05TVzEPMA0GA1UEBxMGU3lkbmV5MQ4wDAYDVQQKEwVOSUNUQTEQMA4GA1UEAxMH
+Uk9PVCBDQTEQMA4GCSqGSIb3DQEJARYBIIIJANcH4kPmdM2jMAwGA1UdEwQFMAMB
+Af8wDQYJKoZIhvcNAQEEBQADgYEAOUuQjbbgblYAr0c9HXGoCnTGzspYKPkg4cLi
+NJl4MtbNk0gPZIwKS6BiFImDTUaZHY4Fzxt5UNO3/QtbsHhDR3jSgLei18sWGtRW
+cGjjNxpx06329f1KckvSttwANMLNGzGtlAlIyl+GH+X+nEiZWeropjvV6lKb8mK8
+YdS+BH4=
+-----END CERTIFICATE-----

data/test/fixture/3rd_level.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBlMQswCQYDVQQGEwJBVTEM
+MAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZTeWRuZXkxDjAMBgNVBAoTBU5JQ1RBMRUw
+EwYDVQQDEwxTSUdOSU5HIENBIDExEDAOBgkqhkiG9w0BCQEWASAwHhcNMTMwNTAx
+MDg1MzM1WhcNMTQwNTAxMDg1MzM1WjBKMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD
+TlNXMQ8wDQYDVQQHEwZTeWRuZXkxDjAMBgNVBAoTBU5JQ1RBMQwwCgYDVQQDEwNj
+ZHcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtP3bHh41wm1OMBS9F9Zyvi
+l9r3hWHaShVOvRm/fiH4NShSLv9wJylKz24Tx2XDRuh0v9+ZNqJp1abI8Hfd2GTt
+HW3W68mCzqAnDk+vn+a4FpZn0qn+EM/EqNX/3r852z9L3qcxMidHtQm0ietE3HKF
+pfsHbuR/4UzT2WV/jdiFAgMBAAGjgecwgeQwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFGVV
+8h3nvWWk9BXHalRsJIuftY8lMIGJBgNVHSMEgYEwf4AU2yKMquraeUmYj9Iui7Gz
+TOpLMsqhZKRiMGAxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcT
+BlN5ZG5leTEOMAwGA1UEChMFTklDVEExEDAOBgNVBAMTB1JPT1QgQ0ExEDAOBgkq
+hkiG9w0BCQEWASCCAQEwDQYJKoZIhvcNAQEEBQADgYEAjz4HM8BrKhwNBMPZ066b
+p/0FdpmrPpZhFR4UJqLZD6fqnHDAKwZZs8UFYqLrIkgkNNOkIMA0LYRaCCYFC19m
+yjEeBlQ0dPFgGApJwcZ6tvuhyWXhAnTDCFIbgsdU2MHPl0ccpaPHRMpOPIuu1T9B
+uE55figSibhihtqzAelHJE4=
+-----END CERTIFICATE-----

data/test/fixture/pubsub.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 def affiliations_xml
   <<-NODE
 <iq type='result'

data/test/fixture/rc.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC2DCCAcCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAkMSIwIAYDVQQDDBlmcmNw
+Ly9vbWYvL2ZyY3AuY2Eub21mX2NhMB4XDTEzMDQyNDAzMzQyM1oXDTEzMDQyNDAz
+NDAyOFowKDEmMCQGA1UEAwwdZnJjcC8vb21mLy9mcmNwLmNvbnRyb2xsZXIucmMw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRJZSSENhtqWoPdupdB5AS
+QFyq+m8LyxslAdSIdrFhB9hA9vpma8w4oUGtiTdfehqP2UzkM/35WeFzU9deuwvV
+ayQqWEKUU5oPprquWCR+tFNsgSNZWghmB5B3mKxpRFbIAwKOu3SmHzMedf1oe1k3
+paOmZjjsq8SIp3oPo8FToTxyARQPU+Pz/BVyLy15YCs8Xj7iJ8PESN/FxBRhO0oj
+PPJzB/ObuflmKodhz33xAEzoKEk3Q/EQYrLEtCdAKLGjnqWCewsRK12aZcZzNoih
+7uXn+L/J2Zz8MF8VLkvBXlh+Y6ouy5gpSQq9bLlJ+73zo7Cx9xTrHZ9zOJ131rhZ
+AgMBAAGjETAPMA0GA1UdEQQGMASGAnJjMA0GCSqGSIb3DQEBBQUAA4IBAQABQnzU
+Cz+XbjnIQGDwN6WDtxKX8e1C8DR15YVSt4vZY+5vnWla7Tdvp3wU+6HE0l7SEHQa
+HjXgSkCUIbJV8Z+UZ7VXvY7zlaX6Rdz+CYBZ6QlTV5DKFtPfoifGD6I3k1svs0aA
+XOJzvXNvRAviuLEKKm8/+c8SX257OWh0p7WysG97iizmx7fYDzOns69xdZaPIcR5
+D5yxrf3sJ3LcV3ydHmQ0NUPLs1NWHoUXQ6D64gA/x8j9jxcpN88fI5iQLdhLVkaR
+JQHxSLUlmA8TXf3gMZriJvvDTUN4oaO0Wshbyt/t4sTkIAW/uCDFMPBD/VIrHPnZ
+CP+RbTSNF3njpBt8
+-----END CERTIFICATE-----

data/test/fixture/root.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICwTCCAamgAwIBAgIBATANBgkqhkiG9w0BAQUFADAkMSIwIAYDVQQDDBlmcmNw
+Ly9vbWYvL2ZyY3AuY2Eub21mX2NhMB4XDTEzMDQyNDAzMzQyM1oXDTEzMDQyNDA0
+MzQyM1owJDEiMCAGA1UEAwwZZnJjcC8vb21mLy9mcmNwLmNhLm9tZl9jYTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJubh9SKDnfQv7r6qdevcF0Jb3Nb
+H7dr20yu3ujfmOsgmmiTQIjOv6YSIfLLdOBUrSG/Tw/TWl3NhDGLjplwI1puaTIl
+sOCqi3mh/VVPN4e4b+riDVJD/Wdvj7278aVisy74cvF+IwQj1puDhD5K1eC9UcZ+
+sv8CcQj+DR2u7GMHxbLwAcou74R+cWiFyXwFjrSDqC6neQ/BpCWwM0Gm/OAV5WX0
+inBBKBYvn/5RTfDLKatLKjaLWuduQWRJz1Qe7phrXRFJABXQCy/5q9qRG/fsLzPu
+6+puqtfo5OBYbZlrRVsZCP7Nv8CKibi5AoEFR4MdAIjLaXbbdFjWPg7DdQcCAwEA
+ATANBgkqhkiG9w0BAQUFAAOCAQEAUaiWcrWEhSb9TgJ5FmUz+kf8y10q6ai7cYoP
+Tg5oBJqpIZbV2cPL//MtnHLvFmlGN8JCTaqOBGhnmErtm9jaeUBkSVidM03JUy6b
+HAYz90GH53hR7x+2TedYus3C2oQqZbKgXsBhzIzqMpXewLAIIyEXUq7kLeOQWUok
+jrA8jS/VAnJ0/TNIlkeCttPab3DTdzI0Eo1r+juH86jnCOoz6MjSt9krZNPHxLoD
+7HLy+TvJAvdfMs+1WvPMEAaNGynrtg9/74bod8CGajYbPLtMysA+a7+S6GeOl/y4
+RxI1DK2kvXlEZEWsguuiFUYZk6CMyKNTT2fTiGAiLFmSFO2Rxg==
+-----END CERTIFICATE-----

data/test/omf_common/auth/certificate_spec.rb

@@ -1,3 +1,8 @@
+# Copyright (c) 2012 National ICT Australia Limited (NICTA).
+# This software may be used and distributed solely under the terms of the MIT license (License).
+# You should find a copy of the License in LICENSE.TXT or at http://opensource.org/licenses/MIT.
+# By downloading or using this software you accept the terms and the liability disclaimer in the License.
+
 require 'test_helper'
 
 describe OmfCommon::Auth::Certificate do
@@ -46,6 +51,16 @@ describe OmfCommon::Auth::Certificate do
     @entity.verify_cert.must_equal true
   end
 
+  it "must be verified successfully by using X509 cert store" do
+    store = OpenSSL::X509::Store.new
+    store.add_cert(@root.to_x509)
+
+    @entity = @root.create_for('my_addr', 'bob', 'my_resource', 'omf')
+
+    store.verify(@root.to_x509).must_equal true
+    store.verify(@entity.to_x509).must_equal true
+  end
+
   it "must verify cert validity" do
     @root.verify_cert.must_equal true
     @root.create_for('my_addr', 'bob', 'my_resource', 'omf').verify_cert.must_equal true
@@ -93,6 +108,18 @@ describe OmfCommon::Auth::Certificate do
       test_entity.can_sign?.must_equal false
       test_entity.verify_cert.must_equal true
     end
+
+    it "must generate a cert from SSH key too" do
+      private_folder = "#{File.dirname(__FILE__)}/../../fixture"
+      ssh_pub_key = File.read("#{private_folder}/omf_test.pub")
+      pub_key = OpenSSL::PKey::RSA.new(File.read("#{private_folder}/omf_test.pub.pem"))
+      lambda do
+        test_entity = @root.create_for('my_addr', 'bob', 'my_resource', 'omf', 365, 'bob')
+      end.must_raise ArgumentError
+
+      test_entity = @root.create_for('my_addr', 'bob', 'my_resource', 'omf', 365, ssh_pub_key)
+      test_entity.to_x509.public_key.to_s.must_equal  pub_key.to_s
+    end
   end
 
   describe "when provided an existing public cert and I have a private key associated" do