From 0e1457dba05ca740ef39c3e226f0cabdfbc2a6cf Mon Sep 17 00:00:00 2001
From: Peter Wagenet
Date: Wed, 10 Jun 2009 09:33:05 -0700
Subject: [PATCH] Cleaned up CryptoKey
---
 lib/health_vault/application.rb | 1 -
 lib/health_vault/utils/crypto_utils.rb | 52 ++++++++++++--------------
 2 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/lib/health_vault/application.rb b/lib/health_vault/application.rb
index 47f4400..966b902 100644
--- a/lib/health_vault/application.rb
+++ b/lib/health_vault/application.rb
@@ -6,7 +6,6 @@
 #++
 require 'uri'
-require 'health_vault/utils/crypto_utils' # for CryptoKey
 module HealthVault
 class Application
diff --git a/lib/health_vault/utils/crypto_utils.rb b/lib/health_vault/utils/crypto_utils.rb
index e2b1928..da78bbc 100644
--- a/lib/health_vault/utils/crypto_utils.rb
+++ b/lib/health_vault/utils/crypto_utils.rb
@@ -19,52 +19,46 @@ def self.create_shared_secret
 data = BN.rand(2048, -1, false).to_s
 return OpenSSL::Digest::SHA1.new(data).digest
 end
-
+
 def self.encode64(text)
 return Base64.encode64(text).gsub(/\n/, "")
 end
-
+
 def self.hmac(key, text)
 return HMAC.digest(OpenSSL::Digest::Digest.new("SHA1"), key, text)
 end
-
+
 def self.digest(text)
 return OpenSSL::Digest::SHA1.new(text).digest
 end
 end
-
+
 class CryptoKey
 def initialize(pfx_or_pem_filename, password = nil)
- begin
- #INFO: I can't get OpenSSL::PKCS12 working on windows.
- # This call fails with 'mac verify failed'
- # To work around this I created a pem on the command line like:
- # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
- @pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
- #TODO if pfx files are going to be a problem, maybe we just ought to remove
- rescue
- @pfx = nil
- @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
- @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ case pfx_or_pem_filename
+ when /.pfx$/
+ # INFO: I can't get OpenSSL::PKCS12 working on windows.
+ # This call fails with 'mac verify failed'
+ # To work around this I created a pem on the command line like:
+ # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
+ pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
+ @pkey = pfx.key
+ @cert = pfx.certificate
+ # TODO: if pfx files are going to be a problem, maybe we just ought to remove
+ when /.pem$/
+ @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
+ @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ else
+ raise "Certificate must be a .pfx or .pem file"
 end
 end
-
+
 def sign(text)
- if @pfx.nil?
- return @pkey.sign(OpenSSL::Digest::SHA1.new, text)
- else
- return @pfx.key.sign(OpenSSL::Digest::SHA1.new, text)
- end
-
+ @pkey.sign(OpenSSL::Digest::SHA1.new, text)
 end
-
+
 def fingerprint
- if @pfx.nil?
- return OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
- else
- return OpenSSL::Digest::SHA1.hexdigest(@pfx.certificate.to_der)
- end
-
+ OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
 end
 end
 end
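Review bot: The extension checks in the new `CryptoKey#initialize` are looser than they read. In `/.pfx$/` and `/.pem$/` the `.` is unescaped and `$` anchors at end of line rather than end of string, so a name like `certpfx` is sent to the PKCS12 parser while `CERT.PFX` falls through to the `raise`. I would escape and anchor them as `when /\.pfx\z/i` and `when /\.pem\z/i`, and raise `ArgumentError` rather than a bare string so callers can tell a rejected path from an OpenSSL parse or password failure. Because this file is the application's signing key, the carried-over workaround comment also deserves one more line noting that `openssl pkcs12 ... -nodes` writes the private key unencrypted, so the resulting .pem needs restrictive file permissions.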