xml-kit 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/xml/kit/certificate.rb +24 -6
- data/lib/xml/kit/document.rb +11 -4
- data/lib/xml/kit/templatable.rb +1 -0
- data/lib/xml/kit/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c3cc43f29794476f060bdaa709f2c99dc41ed88598f560e24d760701ebfaff8
|
|
4
|
+
data.tar.gz: 856ae8fd069fee1faa3555d95f329afb57ba2452a501f31d25d2c7b7c963b663
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 22299b273709119a00cf9bcad3b79361d3e82d476cb1584a9f5bc0a97220f2fb7776e3b1b554acca0956fbe061e26b073a02edad9434a1a6d589a5fb3769f8fe
|
|
7
|
+
data.tar.gz: 16bc8678b00b62bbde026a73b50b359b81fc5a3fd8dec5ff184ab7f4405e077df74b7343c95f9f6b3a0a5519c3084f5cd3fe9b841b63a51bbad0a5fba37f6f20
|
data/lib/xml/kit/certificate.rb
CHANGED
|
@@ -2,11 +2,15 @@ module Xml
|
|
|
2
2
|
module Kit
|
|
3
3
|
# {include:file:spec/xml/certificate_spec.rb}
|
|
4
4
|
class Certificate
|
|
5
|
+
BASE64_FORMAT = %r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z)
|
|
5
6
|
BEGIN_CERT=/-----BEGIN CERTIFICATE-----/
|
|
6
7
|
END_CERT=/-----END CERTIFICATE-----/
|
|
7
8
|
# The use can be `:signing` or `:encryption`. Use `nil` for both.
|
|
8
9
|
attr_reader :use
|
|
9
10
|
|
|
11
|
+
# The raw certificate value. This can be a Base64 encoded PEM or just a PEM format.
|
|
12
|
+
attr_reader :value
|
|
13
|
+
|
|
10
14
|
def initialize(value, use: nil)
|
|
11
15
|
@value = value
|
|
12
16
|
@use = use.nil? ? use : use.downcase.to_sym
|
|
@@ -44,7 +48,7 @@ module Xml
|
|
|
44
48
|
#
|
|
45
49
|
# return [OpenSSL::X509::Certificate] the OpenSSL equivalent.
|
|
46
50
|
def x509
|
|
47
|
-
self.class.to_x509(value)
|
|
51
|
+
@x509 ||= self.class.to_x509(value)
|
|
48
52
|
end
|
|
49
53
|
|
|
50
54
|
# Returns the public key.
|
|
@@ -79,18 +83,32 @@ module Xml
|
|
|
79
83
|
end
|
|
80
84
|
|
|
81
85
|
def stripped
|
|
82
|
-
|
|
86
|
+
self.class.strip(x509.to_pem)
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
def to_key_pair(private_key, passphrase: nil, use: nil)
|
|
90
|
+
KeyPair.new(x509.to_pem, private_key.to_s, passphrase, use)
|
|
83
91
|
end
|
|
84
92
|
|
|
85
93
|
def self.to_x509(value)
|
|
86
|
-
|
|
87
|
-
|
|
94
|
+
value = Base64.decode64(strip(value)) if base64?(value)
|
|
95
|
+
return value if value.is_a?(OpenSSL::X509::Certificate)
|
|
88
96
|
OpenSSL::X509::Certificate.new(value)
|
|
89
97
|
end
|
|
90
98
|
|
|
91
|
-
|
|
99
|
+
def self.base64?(value)
|
|
100
|
+
return unless value.is_a?(String)
|
|
92
101
|
|
|
93
|
-
|
|
102
|
+
sanitized_value = strip(value)
|
|
103
|
+
!!sanitized_value.match(BASE64_FORMAT)
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
def self.strip(value)
|
|
107
|
+
value.
|
|
108
|
+
gsub(BEGIN_CERT, '').
|
|
109
|
+
gsub(END_CERT, '').
|
|
110
|
+
gsub(/[\r\n]|\\r|\\n|\s/, "")
|
|
111
|
+
end
|
|
94
112
|
end
|
|
95
113
|
end
|
|
96
114
|
end
|
data/lib/xml/kit/document.rb
CHANGED
|
@@ -59,16 +59,23 @@ module Xml
|
|
|
59
59
|
|
|
60
60
|
x509_certificates.each do |certificate|
|
|
61
61
|
inactive = now < certificate.not_before
|
|
62
|
-
|
|
62
|
+
if inactive
|
|
63
|
+
error_message = "Not valid before #{certificate.not_before}"
|
|
64
|
+
errors.add(:certificate, error_message)
|
|
65
|
+
end
|
|
63
66
|
|
|
64
67
|
expired = now > certificate.not_after
|
|
65
|
-
|
|
68
|
+
if expired
|
|
69
|
+
error_message = "Not valid after #{certificate.not_after}"
|
|
70
|
+
errors.add(:certificate, error_message)
|
|
71
|
+
end
|
|
66
72
|
end
|
|
67
73
|
end
|
|
68
74
|
|
|
69
75
|
def x509_certificates
|
|
70
|
-
|
|
71
|
-
|
|
76
|
+
find_all("//ds:KeyInfo/ds:X509Data/ds:X509Certificate").map do |item|
|
|
77
|
+
Certificate.to_x509(item.text)
|
|
78
|
+
end
|
|
72
79
|
end
|
|
73
80
|
end
|
|
74
81
|
end
|
data/lib/xml/kit/templatable.rb
CHANGED
data/lib/xml/kit/version.rb
CHANGED