lib/r509/private_key.rb in r509-0.10.0 vs lib/r509/private_key.rb in r509-1.0

@@ -1,16 +1,16 @@
 require 'openssl'
 require 'r509/io_helpers'
 require 'r509/exceptions'
 
 module R509
-  #private key management
+  # private key management
   class PrivateKey
     include R509::IOHelpers
 
     # a list of key types
-    KNOWN_TYPES = ["RSA","DSA","EC"]
+    KNOWN_TYPES = ["RSA", "DSA", "EC"]
     # the default type
     DEFAULT_TYPE = "RSA"
     # default bit length for DSA/RSA
     DEFAULT_STRENGTH = 2048
     # default curve name for EC
@@ -22,32 +22,31 @@
     # @option opts [Integer] :bit_strength (2048) Deprecated, identical to bit_length.
     # @option opts [String] :password
     # @option opts [String,OpenSSL::PKey::RSA,OpenSSL::PKey::DSA,OpenSSL::PKey::EC] :key
     # @option opts [OpenSSL::Engine] :engine
     # @option opts [string] :key_name (used with engine)
-    def initialize(opts={})
-      if not opts.kind_of?(Hash)
+    def initialize(opts = {})
+      unless opts.is_a?(Hash)
         raise ArgumentError, 'Must provide a hash of options'
       end
       validate_engine(opts)
 
-      if opts.has_key?(:key)
+      if opts.key?(:key)
         validate_key(opts)
       else
         generate_key(opts)
       end
     end
 
     # Helper method to quickly load a private key from the filesystem
     #
     # @param [String] filename Path to file you want to load
     # @return [R509::PrivateKey] PrivateKey object
-    def self.load_from_file( filename, password = nil )
-      return R509::PrivateKey.new(:key => IOHelpers.read_data(filename), :password => password )
+    def self.load_from_file(filename, password = nil)
+      R509::PrivateKey.new(:key => IOHelpers.read_data(filename), :password => password)
     end
 
-
     # Returns the bit length of the key
     #
     # @return [Integer]
     def bit_length
       if self.rsa?
@@ -56,11 +55,11 @@
         return self.public_key.p.num_bits
       elsif self.ec?
         raise R509::R509Error, 'Bit length is not available for EC at this time.'
       end
     end
-    alias :bit_strength :bit_length
+    alias_method :bit_strength, :bit_length
 
     # Returns the short name of the elliptic curve used to generate the private key
     # if the key is EC. If not, raises an error.
     #
     # @return [String] elliptic curve name
@@ -81,11 +80,11 @@
       end
     end
 
     # @return [Boolean] whether the key is resident in hardware or not
     def in_hardware?
-      if not @engine.nil?
+      if @engine
         true
       else
         false
       end
     end
@@ -97,18 +96,18 @@
         # with the way OpenSSL::PKey::RSA/DSA do it. We could return the original PKey::EC object
         # but if we do that then it has the private_key as well. Here's a ghetto workaround.
         # We have to supply the curve name to the temporary key object or else #public_key= fails
         curve_name = self.key.group.curve_name
         temp_key = OpenSSL::PKey::EC.new(curve_name)
-        temp_key.public_key=self.key.public_key
+        temp_key.public_key = self.key.public_key
         temp_key
       else
         self.key.public_key
       end
     end
 
-    alias :to_s :public_key
+    alias_method :to_s, :public_key
 
     # Converts the key into the PEM format
     #
     # @return [String] the key converted into PEM format.
     def to_pem
@@ -123,19 +122,18 @@
     # @param [String,OpenSSL::Cipher] cipher to use for encryption
     # full list of available ciphers can be obtained with OpenSSL::Cipher.ciphers
     # (common ones are des3, aes256, aes128)
     # @param [String] password password
     # @return [String] the key converted into encrypted PEM format.
-    def to_encrypted_pem(cipher,password)
+    def to_encrypted_pem(cipher, password)
       if in_hardware?
         raise R509::R509Error, "This method cannot be called when using keys in hardware"
       end
       cipher = OpenSSL::Cipher::Cipher.new(cipher)
-      self.key.to_pem(cipher,password)
+      self.key.to_pem(cipher, password)
     end
 
-
     # Converts the key into the DER format
     #
     # @return [String] the key converted into DER format.
     def to_der
       if in_hardware?
@@ -150,82 +148,80 @@
     #  the file that you'd like to write, or an IO-like object.
     def write_pem(filename_or_io)
       write_data(filename_or_io, self.to_pem)
     end
 
-
     # Writes the key into encrypted PEM format with specified cipher
     #
     # @param [String, #write] filename_or_io Either a string of the path for
     #  the file that you'd like to write, or an IO-like object.
     # @param [String,OpenSSL::Cipher] cipher to use for encryption
     # full list of available ciphers can be obtained with OpenSSL::Cipher.ciphers
     # (common ones are des3, aes256, aes128)
     # @param [String] password password
-    def write_encrypted_pem(filename_or_io,cipher,password)
-      write_data(filename_or_io, to_encrypted_pem(cipher,password))
+    def write_encrypted_pem(filename_or_io, cipher, password)
+      write_data(filename_or_io, to_encrypted_pem(cipher, password))
     end
 
     # Writes the key into the DER format
     #
     # @param [String, #write] filename_or_io Either a string of the path for
     #  the file that you'd like to write, or an IO-like object.
     def write_der(filename_or_io)
       write_data(filename_or_io, self.to_der)
     end
 
-
     # Returns whether the key is RSA
     #
     # @return [Boolean] true if the key is RSA, false otherwise
     def rsa?
-      self.key.kind_of?(OpenSSL::PKey::RSA)
+      self.key.is_a?(OpenSSL::PKey::RSA)
     end
 
     # Returns whether the key is DSA
     #
     # @return [Boolean] true if the key is DSA, false otherwise
     def dsa?
-      self.key.kind_of?(OpenSSL::PKey::DSA)
+      self.key.is_a?(OpenSSL::PKey::DSA)
     end
 
     # Returns whether the key is EC
     #
     # @return [Boolean] true if the key is EC, false otherwise
     def ec?
-      self.key.kind_of?(OpenSSL::PKey::EC)
+      self.key.is_a?(OpenSSL::PKey::EC)
     end
 
     private
 
     def validate_engine(opts)
-      if opts.has_key?(:engine) and opts.has_key?(:key)
+      if opts.key?(:engine) && opts.key?(:key)
         raise ArgumentError, 'You can\'t pass both :key and :engine'
-      elsif opts.has_key?(:key_name) and not opts.has_key?(:engine)
+      elsif opts.key?(:key_name) && !opts.key?(:engine)
         raise ArgumentError, 'When providing a :key_name you MUST provide an :engine'
-      elsif opts.has_key?(:engine) and not opts.has_key?(:key_name)
+      elsif opts.key?(:engine) && !opts.key?(:key_name)
         raise ArgumentError, 'When providing an :engine you MUST provide a :key_name'
-      elsif opts.has_key?(:engine) and opts.has_key?(:key_name)
-        if not opts[:engine].kind_of?(OpenSSL::Engine)
+      elsif opts.key?(:engine) && opts.key?(:key_name)
+        unless opts[:engine].is_a?(OpenSSL::Engine)
           raise ArgumentError, 'When providing an engine, it must be of type OpenSSL::Engine'
         end
         @engine = opts[:engine]
         @key_name = opts[:key_name]
       end
     end
 
     def validate_key(opts)
       password = opts[:password] || nil
-      #OpenSSL::PKey.read solves this begin/rescue garbage but is only
-      #available to Ruby 1.9.3+ and may not solve the EC portion
+      # OpenSSL::PKey.read solves this begin/rescue garbage but is only
+      # available to Ruby 1.9.3+ and may not solve the EC portion
       begin
-        @key = OpenSSL::PKey::RSA.new(opts[:key],password)
+        @key = OpenSSL::PKey::RSA.new(opts[:key], password)
       rescue OpenSSL::PKey::RSAError
         begin
-          @key = OpenSSL::PKey::DSA.new(opts[:key],password)
+          @key = OpenSSL::PKey::DSA.new(opts[:key], password)
         rescue
           begin
-            @key = OpenSSL::PKey::EC.new(opts[:key],password)
+            @key = OpenSSL::PKey::EC.new(opts[:key], password)
           rescue
             raise R509::R509Error, "Failed to load private key. Invalid key or incorrect password."
           end
         end
       end