Permalink
Browse files

Cleaned up CryptoKey

  • Loading branch information...
1 parent e594b0c commit 0e1457dba05ca740ef39c3e226f0cabdfbc2a6cf @wagenet committed Jun 10, 2009
Showing with 23 additions and 30 deletions.
  1. +0 −1 lib/health_vault/application.rb
  2. +23 −29 lib/health_vault/utils/crypto_utils.rb
@@ -6,7 +6,6 @@
#++
require 'uri'
-require 'health_vault/utils/crypto_utils' # for CryptoKey
module HealthVault
class Application
@@ -19,52 +19,46 @@ def self.create_shared_secret
data = BN.rand(2048, -1, false).to_s
return OpenSSL::Digest::SHA1.new(data).digest
end
-
+
def self.encode64(text)
return Base64.encode64(text).gsub(/\n/, "")
end
-
+
def self.hmac(key, text)
return HMAC.digest(OpenSSL::Digest::Digest.new("SHA1"), key, text)
end
-
+
def self.digest(text)
return OpenSSL::Digest::SHA1.new(text).digest
end
end
-
+
class CryptoKey
def initialize(pfx_or_pem_filename, password = nil)
- begin
- #INFO: I can't get OpenSSL::PKCS12 working on windows.
- # This call fails with 'mac verify failed'
- # To work around this I created a pem on the command line like:
- # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
- @pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
- #TODO if pfx files are going to be a problem, maybe we just ought to remove
- rescue
- @pfx = nil
- @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
- @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ case pfx_or_pem_filename
+ when /.pfx$/
+ # INFO: I can't get OpenSSL::PKCS12 working on windows.
+ # This call fails with 'mac verify failed'
+ # To work around this I created a pem on the command line like:
+ # openssl pkcs12 -in xxx.pfx -out xxx.pem -nodes
+ pfx = OpenSSL::PKCS12::PKCS12.new(File.read(pfx_or_pem_filename), password)
+ @pkey = pfx.key
+ @cert = pfx.certificate
+ # TODO: if pfx files are going to be a problem, maybe we just ought to remove
+ when /.pem$/
+ @pkey = OpenSSL::PKey::RSA.new(File.read(pfx_or_pem_filename),password)
+ @cert = OpenSSL::X509::Certificate.new(File.read(pfx_or_pem_filename))
+ else
+ raise "Certificate must be a .pfx or .pem file"
end
end
-
+
def sign(text)
- if @pfx.nil?
- return @pkey.sign(OpenSSL::Digest::SHA1.new, text)
- else
- return @pfx.key.sign(OpenSSL::Digest::SHA1.new, text)
- end
-
+ @pkey.sign(OpenSSL::Digest::SHA1.new, text)
end
-
+
def fingerprint
- if @pfx.nil?
- return OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
- else
- return OpenSSL::Digest::SHA1.hexdigest(@pfx.certificate.to_der)
- end
-
+ OpenSSL::Digest::SHA1.hexdigest(@cert.to_der)
end
end
end

0 comments on commit 0e1457d

Please sign in to comment.