Sha256: ea785918d70a7595630cbda2b083b816e39e7004bc7a1b6cde349ff45b325598

Contents?: true

Size: 1020 Bytes

Versions: 1

Compression:

Stored size: 1020 Bytes

Contents

require 'certmeister/policy/response'
require 'openssl'

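module Certmeister

  module Policy

    # Policy that refuses certificate signing requests (CSRs) whose RSA
    # modulus is shorter than a configured minimum number of bits.
    #
    # The PEM in the request is parsed as untrusted input: any parse
    # failure, or a key type whose strength cannot be measured as an RSA
    # modulus length, results in a refusal rather than an exception.
    #
    # NOTE(review): this policy only measures key size. It does not verify
    # the CSR's self-signature (proof of possession); confirm that is
    # enforced elsewhere if it is required.
    class KeyBits

      # Minimum RSA modulus size, in bits, used when none is given.
      DEFAULT_MIN_KEY_BITS = 4096

      # @return [Integer] the smallest acceptable modulus size, in bits
      attr_reader :min_key_bits

      # @param min_key_bits [Integer] smallest acceptable modulus size, in bits
      # @raise [ArgumentError] if min_key_bits is not an Integer
      def initialize(min_key_bits = DEFAULT_MIN_KEY_BITS)
        validate_min_key_bits(min_key_bits)
        @min_key_bits = min_key_bits
      end

      # Decide whether the CSR in request[:pem] carries a large enough key.
      #
      # @param request [Hash] must provide the PEM-encoded CSR under :pem
      # @return [Certmeister::Policy::Response] built with (true, nil) when
      #   the key is acceptable, or (false, reason) when it is refused
      def authenticate(request)
        pem = request[:pem]
        return Certmeister::Policy::Response.new(false, "missing pem") unless pem

        begin
          csr = OpenSSL::X509::Request.new(pem)
          pkey = csr.public_key
        rescue OpenSSL::OpenSSLError
          # Malformed or unsupported input must be refused (fail closed),
          # not propagated as an exception out of the policy.
          return Certmeister::Policy::Response.new(false, "invalid pem")
        end

        # Only RSA keys expose a modulus (n). Bit lengths of other key
        # types are not comparable to an RSA minimum, so they are refused.
        unless pkey.is_a?(OpenSSL::PKey::RSA)
          return Certmeister::Policy::Response.new(false, "unsupported key type")
        end

        # num_bits is the exact modulus length. num_bytes * 8 rounds up to
        # a whole byte and would let a modulus up to 7 bits short of the
        # minimum pass the check.
        if pkey.n.num_bits < @min_key_bits
          Certmeister::Policy::Response.new(false, "weak key")
        else
          Certmeister::Policy::Response.new(true, nil)
        end
      end

      private

      # Only the type is checked. Zero or negative integers are accepted,
      # and such a minimum makes the policy accept every RSA key.
      def validate_min_key_bits(min_key_bits)
        return if min_key_bits.is_a?(Integer)

        raise ArgumentError, "invalid minimum key size"
      end

    end

  end

end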

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
certmeister-2.2.0 lib/certmeister/policy/key_bits.rb