Sha256: 293f982212071fa767a978abe64875bfce52bef2324c179005bd931d91ff8f65

Contents?: true

Size: 1.57 KB

Versions: 13

Compression:

Stored size: 1.57 KB

Contents

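module CertificateAuthority
  # Key material that is reached through an OpenSSL engine backed by a
  # PKCS#11 module instead of being generated or held by this library.
  # Keys are looked up on the token by +token_id+.
  #
  # Security notes for callers:
  # * +openssl_pkcs11_engine_lib+ and +pkcs11_lib+ are filesystem paths to
  #   shared libraries that are loaded into the current process. Treat them
  #   as code: use fixed, trusted paths and never build them from untrusted
  #   input.
  # * +pin+ is stored as a plain attribute for the lifetime of the object.
  #   Keep it out of logs, +inspect+ output and persisted data.
  #   NOTE(review): ActiveModel::Serialization is mixed in -- confirm the PIN
  #   can never end up in a serialized hash.
  class Pkcs11KeyMaterial
    include KeyMaterial
    include ActiveModel::Validations
    include ActiveModel::Serialization

    attr_accessor :engine
    attr_accessor :token_id
    attr_accessor :pkcs11_lib
    attr_accessor :openssl_pkcs11_engine_lib
    attr_accessor :pin

    # Builds an unconfigured instance.
    #
    # The hash is only stored in @attributes; it is NOT copied onto the
    # accessors, so the engine cannot be loaded here unless the accessors are
    # populated some other way. Set +openssl_pkcs11_engine_lib+, +pkcs11_lib+,
    # +token_id+ and (optionally) +pin+ through the accessors afterwards.
    #
    # @param attributes [Hash] kept as-is in @attributes
    def initialize(attributes = {})
      @attributes = attributes
      initialize_engine
    end

    # @return [true] this key material is always treated as hardware-backed
    def is_in_hardware?
      true
    end

    # @return [false] the private key is never held by this object
    def is_in_memory?
      false
    end

    # Key generation on the token is not implemented; this only prints a
    # notice and returns nil, so callers must not assume a key now exists.
    #
    # @param modulus_bits [Integer] ignored. NOTE(review): the 1024 default is
    #   unused today; if on-token generation is ever added, 1024-bit RSA is
    #   below current size recommendations.
    # @return [nil]
    def generate_key(modulus_bits=1024)
      puts "Key generation is not currently supported in hardware"
      nil
    end

    # Loads the private key identified by +token_id+ through the engine.
    #
    # @return whatever the engine's +load_private_key+ returns
    # @raise [RuntimeError] when no engine is available
    def private_key
      ensure_engine.load_private_key(token_id)
    end

    # Loads the public key identified by +token_id+ through the engine.
    #
    # @return whatever the engine's +load_public_key+ returns
    # @raise [RuntimeError] when no engine is available
    def public_key
      ensure_engine.load_public_key(token_id)
    end

    private

    # Retries engine setup and returns the engine, failing loudly when it is
    # still missing. Without this guard an unconfigured instance surfaced as
    # an opaque NoMethodError on nil from inside private_key/public_key.
    # The check is on +engine+ (not on initialize_engine's return value) so an
    # engine assigned directly through the accessor keeps working.
    def ensure_engine
      initialize_engine
      return engine if engine

      # The message deliberately names only the missing settings; it never
      # echoes the PIN or the token id.
      raise "PKCS#11 engine is not initialized; set openssl_pkcs11_engine_lib " \
            "and pkcs11_lib before requesting keys"
    end

    # Lazily loads the pkcs11 engine through OpenSSL's "dynamic" engine.
    #
    # Returns false while either library path is unset (the caller may retry
    # later), the cached engine when one is already assigned, and otherwise
    # the newly loaded engine, which is also stored in +engine+.
    def initialize_engine
      return false if openssl_pkcs11_engine_lib.nil? || pkcs11_lib.nil?
      return engine unless engine.nil?

      OpenSSL::Engine.load

      # Statement order is kept exactly as the engine expects to receive the
      # control commands. SO_PATH and MODULE_PATH each cause a native library
      # to be loaded, so both values must be trusted paths.
      pkcs11 = OpenSSL::Engine.by_id("dynamic") do |e|
        e.ctrl_cmd("SO_PATH", openssl_pkcs11_engine_lib)
        e.ctrl_cmd("ID", "pkcs11")
        e.ctrl_cmd("LIST_ADD", "1")
        e.ctrl_cmd("LOAD")
        # A nil or empty PIN is skipped rather than sent to the engine.
        e.ctrl_cmd("PIN", pin) unless pin.nil? || pin == ""
        e.ctrl_cmd("MODULE_PATH", pkcs11_lib)
      end

      self.engine = pkcs11
      pkcs11
    end

  end
end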

Version data entries

13 entries across 13 versions & 3 rubygems

Version Path
leap_cli-1.8.1 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.8 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.7.4 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.7.3 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.6.2 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.5.6 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.5.1 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.5.0 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
leap_cli-1.2.5 vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
certificate_authority_sonian-0.1.7 lib/certificate_authority/pkcs11_key_material.rb
certificate_authority-0.1.6 lib/certificate_authority/pkcs11_key_material.rb
certificate_authority-0.1.5 lib/certificate_authority/pkcs11_key_material.rb
certificate_authority-0.1.4 lib/certificate_authority/pkcs11_key_material.rb