In Files

  • rubygems/security/signer.rb

Parent

Methods

Class/Module Index [+]

Quicksearch

Gem::Security::Signer

Basic OpenSSL-based package signing class.

Attributes

cert_chain[RW]

The chain of certificates for signing including the signing certificate

digest_algorithm[R]

The digest algorithm used to create the signature

key[RW]

The private key for the signing certificate

Public Class Methods

new(key, cert_chain) click to toggle source

Creates a new signer with an RSA key or path to a key, and a certificate chain containing X509 certificates, encoding certificates or paths to certificates.

 
               # File rubygems/security/signer.rb, line 32
def initialize key, cert_chain
  @cert_chain = cert_chain
  @key        = key

  unless @key then
    default_key  = File.join Gem.default_key_path
    @key = default_key if File.exist? default_key
  end

  unless @cert_chain then
    default_cert = File.join Gem.default_cert_path
    @cert_chain = [default_cert] if File.exist? default_cert
  end

  @digest_algorithm = Gem::Security::DIGEST_ALGORITHM
  @digest_name      = Gem::Security::DIGEST_NAME

  @key = OpenSSL::PKey::RSA.new File.read @key if
    @key and not OpenSSL::PKey::RSA === @key

  if @cert_chain then
    @cert_chain = @cert_chain.compact.map do |cert|
      next cert if OpenSSL::X509::Certificate === cert

      cert = File.read cert if File.exist? cert

      OpenSSL::X509::Certificate.new cert
    end

    load_cert_chain
  end
end
            

Public Instance Methods

sign(data) click to toggle source

Sign data with given digest algorithm

 
               # File rubygems/security/signer.rb, line 85
def sign data
  return unless @key

  if @cert_chain.length == 1 and @cert_chain.last.not_after < Time.now then
    re_sign_key
  end

  Gem::Security::SigningPolicy.verify @cert_chain, @key

  @key.sign @digest_algorithm.new, data
end
            

Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.

If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.

If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.

If you want to help improve the Ruby documentation, please visit Documenting-ruby.org.

blog comments powered by Disqus