win32-certstore 0.1.11 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/win32/certstore.rb +2 -1
- data/lib/win32/certstore/mixin/crypto.rb +24 -2
- data/lib/win32/certstore/mixin/helper.rb +2 -2
- data/lib/win32/certstore/mixin/unicode.rb +0 -8
- data/lib/win32/certstore/store_base.rb +7 -18
- data/lib/win32/certstore/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '0806f9e6b2fd19bdcbe22360d33ee9c192e603662564ec5007332b03b498d9ce'
|
|
4
|
+
data.tar.gz: 5cc20bb3a2767b6ea0a9495bb0e7c27892bf9189f662db233d1901c31006b6a9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9882eb9c3f237dc8564c36cde26fd437ed5fd54f786f2fa9289793e5cab193acd845e425ba240f9eab320c57f693f33a08416f89bb6c0c8ff6db7dcd6363e41b
|
|
7
|
+
data.tar.gz: d86c06df2d6be60b044a7474bcb72851245b2b28c2bd81dbb9b9e5e43185cc344a48302c53f6fcd03ebd4ce2416e384b77d0768015cd01a024786c9aab8c892e
|
data/lib/win32/certstore.rb
CHANGED
|
@@ -29,9 +29,10 @@ module Win32
|
|
|
29
29
|
include Win32::Certstore::Mixin::String
|
|
30
30
|
include Win32::Certstore::StoreBase
|
|
31
31
|
|
|
32
|
-
|
|
32
|
+
attr_accessor :store_name
|
|
33
33
|
|
|
34
34
|
def initialize(store_name)
|
|
35
|
+
@store_name = store_name
|
|
35
36
|
@certstore_handler = open(store_name)
|
|
36
37
|
end
|
|
37
38
|
|
|
@@ -55,6 +55,7 @@ module Win32
|
|
|
55
55
|
PKCS_7_ASN_ENCODING = 0x00010000
|
|
56
56
|
PKCS_7_NDR_ENCODING = 0x00020000
|
|
57
57
|
PKCS_7_OR_X509_ASN_ENCODING = (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
|
|
58
|
+
ENCODING_TYPE = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING
|
|
58
59
|
|
|
59
60
|
# Certificate Display Format
|
|
60
61
|
CERT_NAME_EMAIL_TYPE = 1
|
|
@@ -67,8 +68,12 @@ module Win32
|
|
|
67
68
|
CERT_NAME_UPN_TYPE = 8
|
|
68
69
|
|
|
69
70
|
# Retrieve Certificates flag
|
|
70
|
-
|
|
71
|
-
|
|
71
|
+
CERT_COMPARE_SHA1_HASH = 1
|
|
72
|
+
CERT_INFO_SUBJECT_FLAG = 7
|
|
73
|
+
CERT_COMPARE_NAME_STR_W = 8
|
|
74
|
+
CERT_COMPARE_SHIFT = 16
|
|
75
|
+
CERT_FIND_SHA1_HASH = CERT_COMPARE_SHA1_HASH << CERT_COMPARE_SHIFT
|
|
76
|
+
CERT_FIND_SUBJECT_STR = CERT_COMPARE_NAME_STR_W << CERT_COMPARE_SHIFT | CERT_INFO_SUBJECT_FLAG
|
|
72
77
|
|
|
73
78
|
# List Certificates Flag
|
|
74
79
|
CERT_NAME_ISSUER_FLAG = 0x1
|
|
@@ -122,6 +127,23 @@ module Win32
|
|
|
122
127
|
end
|
|
123
128
|
end
|
|
124
129
|
|
|
130
|
+
class CRYPT_HASH_BLOB < FFI::Struct
|
|
131
|
+
layout :cbData, DWORD, # Count, in bytes, of data
|
|
132
|
+
:pbData, :pointer # Pointer to data buffer
|
|
133
|
+
|
|
134
|
+
def initialize(str = nil)
|
|
135
|
+
super(nil)
|
|
136
|
+
if str
|
|
137
|
+
byte_arr = [str].pack("H*").unpack("C*") # Converting string to its byte array
|
|
138
|
+
|
|
139
|
+
buffer = FFI::MemoryPointer.new(:char, byte_arr.size) # Create the pointer to the array
|
|
140
|
+
buffer.put_array_of_char 0, byte_arr # Fill the memory location with data
|
|
141
|
+
self[:pbData] = buffer
|
|
142
|
+
self[:cbData] = byte_arr.size
|
|
143
|
+
end
|
|
144
|
+
end
|
|
145
|
+
end
|
|
146
|
+
|
|
125
147
|
class CERT_EXTENSION < FFI::Struct
|
|
126
148
|
layout :pszObjId, LPTSTR,
|
|
127
149
|
:fCritical, BOOL,
|
|
@@ -23,10 +23,10 @@ module Win32
|
|
|
23
23
|
module Helper
|
|
24
24
|
|
|
25
25
|
# PSCommand to search certificate from thumbprint and convert in pem
|
|
26
|
-
def cert_ps_cmd(thumbprint)
|
|
26
|
+
def cert_ps_cmd(thumbprint, store_name)
|
|
27
27
|
<<-EOH
|
|
28
28
|
$content = $null
|
|
29
|
-
$cert = Get-ChildItem Cert
|
|
29
|
+
$cert = Get-ChildItem Cert:\\LocalMachine\\'#{store_name}' -Recurse | Where { $_.Thumbprint -eq '#{thumbprint}' }
|
|
30
30
|
if($cert -ne $null)
|
|
31
31
|
{
|
|
32
32
|
$content = @(
|
|
@@ -50,7 +50,6 @@ module Win32
|
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
# Get certificate from open certificate store and return certificate object
|
|
53
|
-
# store_handler => Open certificate store handler
|
|
54
53
|
# certificate_thumbprint => thumbprint is a hash. which could be sha1 or md5.
|
|
55
54
|
def cert_get(certificate_thumbprint)
|
|
56
55
|
validate_thumbprint(certificate_thumbprint)
|
|
@@ -86,21 +85,16 @@ module Win32
|
|
|
86
85
|
def cert_delete(store_handler, certificate_thumbprint)
|
|
87
86
|
validate_thumbprint(certificate_thumbprint)
|
|
88
87
|
thumbprint = update_thumbprint(certificate_thumbprint)
|
|
89
|
-
cert_pem = format_pem(get_cert_pem(thumbprint))
|
|
90
|
-
cert_rdn = get_rdn(build_openssl_obj(cert_pem)) unless cert_pem.empty?
|
|
91
88
|
cert_delete_flag = false
|
|
92
89
|
begin
|
|
93
|
-
cert_args = cert_find_args(store_handler,
|
|
94
|
-
|
|
90
|
+
cert_args = cert_find_args(store_handler, thumbprint)
|
|
91
|
+
pcert_context = CertFindCertificateInStore(*cert_args)
|
|
92
|
+
if !pcert_context.null?
|
|
95
93
|
cert_delete_flag = CertDeleteCertificateFromStore(CertDuplicateCertificateContext(pcert_context)) || lookup_error
|
|
96
94
|
end
|
|
97
95
|
CertFreeCertificateContext(pcert_context)
|
|
98
96
|
rescue
|
|
99
|
-
|
|
100
|
-
raise SystemCallError.new("Invalid thumbprint #{certificate_thumbprint}.")
|
|
101
|
-
else
|
|
102
|
-
lookup_error("delete")
|
|
103
|
-
end
|
|
97
|
+
lookup_error("delete")
|
|
104
98
|
end
|
|
105
99
|
cert_delete_flag
|
|
106
100
|
end
|
|
@@ -144,8 +138,8 @@ module Win32
|
|
|
144
138
|
end
|
|
145
139
|
|
|
146
140
|
# Build arguments for CertFindCertificateInStore
|
|
147
|
-
def cert_find_args(store_handler,
|
|
148
|
-
[store_handler,
|
|
141
|
+
def cert_find_args(store_handler, thumbprint)
|
|
142
|
+
[store_handler, ENCODING_TYPE, 0, CERT_FIND_SHA1_HASH, CRYPT_HASH_BLOB.new(thumbprint), nil]
|
|
149
143
|
end
|
|
150
144
|
|
|
151
145
|
# Match certificate CN exist in cert_rdn
|
|
@@ -188,15 +182,10 @@ module Win32
|
|
|
188
182
|
|
|
189
183
|
# Get certificate pem
|
|
190
184
|
def get_cert_pem(thumbprint)
|
|
191
|
-
get_data = powershell_out!(cert_ps_cmd(thumbprint))
|
|
185
|
+
get_data = powershell_out!(cert_ps_cmd(thumbprint, store_name))
|
|
192
186
|
get_data.stdout
|
|
193
187
|
end
|
|
194
188
|
|
|
195
|
-
# To get RDN from certificate object
|
|
196
|
-
def get_rdn(cert_obj)
|
|
197
|
-
cert_obj.issuer.to_s.concat("/").scan(/=(.*?)\//).join(", ")
|
|
198
|
-
end
|
|
199
|
-
|
|
200
189
|
# Format pem
|
|
201
190
|
def format_pem(cert_pem)
|
|
202
191
|
cert_pem.delete("\r")
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: win32-certstore
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
-
|
|
7
|
+
- Chef Software
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -68,7 +68,7 @@ dependencies:
|
|
|
68
68
|
version: '0'
|
|
69
69
|
description:
|
|
70
70
|
email:
|
|
71
|
-
-
|
|
71
|
+
- oss@chef.io
|
|
72
72
|
executables: []
|
|
73
73
|
extensions: []
|
|
74
74
|
extra_rdoc_files: []
|
|
@@ -97,7 +97,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
97
97
|
requirements:
|
|
98
98
|
- - ">="
|
|
99
99
|
- !ruby/object:Gem::Version
|
|
100
|
-
version: '
|
|
100
|
+
version: '2.3'
|
|
101
101
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
102
102
|
requirements:
|
|
103
103
|
- - ">="
|