Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Cleaned up CryptoKey

  • Loading branch information...
commit 0e1457dba05ca740ef39c3e226f0cabdfbc2a6cf 1 parent e594b0c
@wagenet authored
View
1  lib/health_vault/application.rb
@@ -6,7 +6,6 @@
#++
require 'uri'
-require 'health_vault/utils/crypto_utils' # for CryptoKey
module HealthVault
class Application
View
52 lib/health_vault/utils/crypto_utils.rb
@@ -19,52 +19,46 @@ def self.create_shared_secret
data = BN.rand(2048, -1, false).to_s
return OpenSSL::Digest::SHA1.new(data).digest
end
-
+
def self.encode64(text)
return Base64.encode64(text).gsub(/\n/, "")
end
-
+
def self.hmac(key, text)
return HMAC.digest(OpenSSL::Digest::Digest.new("SHA1"), key, text)
end
-
+
def self.digest(text)
return OpenSSL::Digest::SHA1.new(text).digest
end
end
-
+
class CryptoKey
def initialize(pfx_or_pem_filename, password = nil)
- begin
- #INFO: I can't get OpenSSL::PKCS12 working on windows.
- # This call fails with 'mac verify failed'
- # To work around this I created a pem on the command line like:
- # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
- @pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
- #TODO if pfx files are going to be a problem, maybe we just ought to remove
- rescue
- @pfx = nil
- @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
- @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ case pfx_or_pem_filename
+ when /.pfx$/
+ # INFO: I can't get OpenSSL::PKCS12 working on windows.
+ # This call fails with 'mac verify failed'
+ # To work around this I created a pem on the command line like:
+ # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
+ pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
+ @pkey = pfx.key
+ @cert = pfx.certificate
+ # TODO: if pfx files are going to be a problem, maybe we just ought to remove
+ when /.pem$/
+ @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
+ @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ else
+ raise "Certificate must be a .pfx or .pem file"
end
end
-
+
def sign(text)
- if @pfx.nil?
- return @pkey.sign(OpenSSL::Digest::SHA1.new, text)
- else
- return @pfx.key.sign(OpenSSL::Digest::SHA1.new, text)
- end
-
+ @pkey.sign(OpenSSL::Digest::SHA1.new, text)
end
-
+
def fingerprint
- if @pfx.nil?
- return OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
- else
- return OpenSSL::Digest::SHA1.hexdigest(@pfx.certificate.to_der)
- end
-
+ OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
end
end
end
Please sign in to comment.
Something went wrong with that request. Please try again.