Sha256: aa4b5468c8c3b50021e663922f00b7b53d44885d345f4f4b0ad4623d8c05fc04

Contents?: true

Size: 1.44 KB

Versions: 45

Compression:

Stored size: 1.44 KB

Contents

require 'fileutils'

module HammerCLI
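  # Manages a local directory of CA certificates, one PEM file per
  # host/port pair.
  #
  # The checks here only confirm that a certificate *claims* to be a CA
  # through its X.509 extensions. No signature, validity period or chain is
  # verified. Deciding whether a stored certificate should be trusted is
  # left to the caller (for example by comparing its fingerprint with a
  # value obtained out of band).
  class CACertManager
    # @return [String] absolute path of the directory holding stored certs
    attr_reader :ca_store_path

    # @param ca_store_path [String] store directory; expanded to an absolute
    #   path (so a leading "~" is resolved)
    def initialize(ca_store_path)
      @ca_store_path = File.expand_path(ca_store_path)
    end

    # Writes +raw_cert+ to +cert_file+ after checking that it is marked as a
    # CA certificate, creating the store directory first when needed.
    #
    # @param raw_cert [String, OpenSSL::X509::Certificate] PEM/DER text or a
    #   parsed certificate
    # @param cert_file [String] destination path; used as given, it is not
    #   checked against #ca_store_path
    # @return [String] +cert_file+
    # @raise [HammerCLI::NoCACertificate] when the certificate carries no CA
    #   marker
    def store_ca_cert(raw_cert, cert_file)
      raise HammerCLI::NoCACertificate.new unless is_ca_cert?(raw_cert)
      ensure_ca_store_exist
      File.write(cert_file, raw_cert)
      cert_file
    end

    # Builds the path under the store where the certificate for +uri+ lives.
    #
    # @param uri [#host, #port] presumably a parsed URI; host and port are
    #   interpolated as-is, so callers should only pass parsed values
    # @return [String] "<store>/<host>_<port>.pem"
    def cert_file_name(uri)
      File.join(ca_store_path, "#{uri.host}_#{uri.port}.pem")
    end

    # @param uri [#host, #port]
    # @return [Boolean] whether a certificate file for +uri+ is already stored
    def cert_exist?(uri)
      File.exist?(cert_file_name(uri))
    end

    protected

    # Creates the store directory (and missing parents) if it is absent.
    def ensure_ca_store_exist
      FileUtils.mkpath(ca_store_path) unless File.directory?(ca_store_path)
    end

    # Tells whether +cert+ declares itself a CA certificate.
    #
    # basicConstraints is matched on its "CA:TRUE" prefix so that values
    # carrying a path length constraint ("CA:TRUE, pathlen:0") are accepted
    # as well; an exact string comparison rejected those.
    #
    # NOTE(review): a keyUsage of "Certificate Sign" alone is still accepted
    # for backward compatibility, although RFC 5280 expects basicConstraints
    # CA to be set alongside it. Consider requiring basicConstraints.
    #
    # @param cert [String, OpenSSL::X509::Certificate]
    # @return [Boolean]
    def is_ca_cert?(cert)
      cert = OpenSSL::X509::Certificate.new(cert) if cert.is_a? String
      cert.extensions.any? do |ex|
        case ex.oid
        when 'basicConstraints' then ex.value =~ /\ACA:TRUE\b/i
        when 'keyUsage' then ex.value =~ /Cert(ificate )?Sign/i
        end
      end
    end
  end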

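  # Fetches the certificate a TLS server presents, without validating it.
  #
  # Peer verification is switched off on purpose, because the aim is to
  # obtain a certificate that is not trusted yet. The result is therefore
  # unauthenticated: anyone able to intercept the connection can supply a
  # certificate of their choosing. Callers should confirm it (for example
  # by checking its fingerprint through a separate channel) before adding
  # it to a trust store.
  class CertDownloader
    # Connects to +uri+ and returns the last certificate of the chain the
    # peer sent. The connection is closed before returning, also when the
    # handshake fails.
    #
    # @param uri [#host, #port]
    # @return [OpenSSL::X509::Certificate]
    def download(uri)
      tcp_socket = TCPSocket.new(uri.host, uri.port)
      begin
        ssl_socket = OpenSSL::SSL::SSLSocket.new(tcp_socket, noverify_ssl_context)
        # Closing the TLS layer then also closes the underlying TCP socket.
        ssl_socket.sync_close = true
        ssl_socket.connect
        ssl_socket.peer_cert_chain.last
      ensure
        # Without this the descriptor stayed open until garbage collection.
        if ssl_socket
          ssl_socket.close
        else
          tcp_socket.close
        end
      end
    end

    private

    # Builds an SSL context with peer verification disabled (VERIFY_NONE).
    # Only suitable for fetching a certificate; never reuse it for a
    # connection that carries credentials or data.
    #
    # @return [OpenSSL::SSL::SSLContext]
    def noverify_ssl_context
      context = OpenSSL::SSL::SSLContext.new
      context.verify_mode = OpenSSL::SSL::VERIFY_NONE
      context
    end
  end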
end

Version data entries

45 entries across 45 versions & 1 rubygems

Version Path
hammer_cli-3.14.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.13.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.12.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.10.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.9.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.8.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.7.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.5.1 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.6.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.5.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.4.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.3.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.2.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.1.1 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.0.2 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.1.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.0.1 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-3.0.0 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-2.5.1 lib/hammer_cli/ca_cert_manager.rb
hammer_cli-2.5.0 lib/hammer_cli/ca_cert_manager.rb