Sha256: 449f4d36b1412c601507bff31cd534efdf0d445b3ecf607b9703ec77661e3a75
Contents?: true
Size: 885 Bytes
Versions: 2
Compression:
Stored size: 885 Bytes
Contents
# frozen_string_literal: true
require "base64"
require_relative "errors"
module SafetyNetAttestation
class SignatureError < Error; end
class X5cKeyFinder
def self.from(x5c_certificates, trusted_certificates, time: Time.now)
store = OpenSSL::X509::Store.new
trusted_certificates.each { |certificate| store.add_cert(certificate) }
signing_certificate, *certificate_chain = x5c_certificates
store_context = OpenSSL::X509::StoreContext.new(store, signing_certificate, certificate_chain)
store_context.time = time
if store_context.verify
store_context.chain
else
error = "Certificate verification failed: #{store_context.error_string}."
error = "#{error} Certificate subject: #{store_context.current_cert.subject}." if store_context.current_cert
raise SignatureError, error
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| safety_net_attestation-0.4.0 | lib/safety_net_attestation/x5c_key_finder.rb |
| safety_net_attestation-0.3.0 | lib/safety_net_attestation/x5c_key_finder.rb |