Cleaned up CryptoKey

wagenet · Jun 10, 2009 · 0e1457d · 0e1457d
1 parent e594b0c
commit 0e1457d
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 30 deletions.
diff --git a/lib/health_vault/application.rb b/lib/health_vault/application.rb
@@ -6,7 +6,6 @@
 #++
 
 require 'uri'
-require 'health_vault/utils/crypto_utils' # for CryptoKey
 
 module HealthVault
   class Application

diff --git a/lib/health_vault/utils/crypto_utils.rb b/lib/health_vault/utils/crypto_utils.rb
@@ -19,52 +19,46 @@ def self.create_shared_secret
         data = BN.rand(2048, -1, false).to_s
         return OpenSSL::Digest::SHA1.new(data).digest
       end
-    
+
       def self.encode64(text)
         return Base64.encode64(text).gsub(/\n/, "")
       end
-    
+
       def self.hmac(key, text)
         return HMAC.digest(OpenSSL::Digest::Digest.new("SHA1"), key, text)
       end
-    
+
       def self.digest(text)
         return OpenSSL::Digest::SHA1.new(text).digest
       end
     end
-  
+
     class CryptoKey
       def initialize(pfx_or_pem_filename, password = nil)
-        begin
-          #INFO: I can't get OpenSSL::PKCS12 working on windows.
-          # This call fails with 'mac verify failed'
-          # To work around this I created a pem on the command line like:
-          # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
-          @pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
-          #TODO if pfx files are going to be a problem, maybe we just ought to remove
-        rescue
-          @pfx = nil
-          @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
-          @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+        case pfx_or_pem_filename
+          when /.pfx$/
+            # INFO: I can't get OpenSSL::PKCS12 working on windows.
+            #   This call fails with 'mac verify failed'
+            #   To work around this I created a pem on the command line like:
+            #     openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
+            pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
+            @pkey = pfx.key
+            @cert = pfx.certificate
+            # TODO: if pfx files are going to be a problem, maybe we just ought to remove
+          when /.pem$/
+            @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
+            @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+          else
+            raise "Certificate must be a .pfx or .pem file"
         end
       end
-    
+
       def sign(text)
-        if @pfx.nil?
-          return @pkey.sign(OpenSSL::Digest::SHA1.new, text)
-        else
-          return @pfx.key.sign(OpenSSL::Digest::SHA1.new, text)
-        end
-
+        @pkey.sign(OpenSSL::Digest::SHA1.new, text)
       end
-    
+
       def fingerprint
-        if @pfx.nil?
-          return OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
-        else
-          return OpenSSL::Digest::SHA1.hexdigest(@pfx.certificate.to_der)
-        end
-
+        OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
       end
     end
   end