In Files

  • rubygems/security/trust_dir.rb

Class/Module Index [+]

Quicksearch

Gem::Security::TrustDir

Attributes

dir[R]

Public Class Methods

new(dir, permissions = DEFAULT_PERMISSIONS) click to toggle source 
 
               # File rubygems/security/trust_dir.rb, line 8
def initialize dir, permissions = DEFAULT_PERMISSIONS
  @dir = dir
  @permissions = permissions

  @digester = Gem::Security::DIGEST_ALGORITHM
end

Public Instance Methods

cert_path(certificate) click to toggle source

Returns the path to the trusted certificate

 
               # File rubygems/security/trust_dir.rb, line 20
def cert_path certificate
  name_path certificate.subject
end
each_certificate() click to toggle source

Enumerates trusted certificates.

 
               # File rubygems/security/trust_dir.rb, line 27
def each_certificate
  return enum_for __method__ unless block_given?

  glob = File.join @dir, '*.pem'

  Dir[glob].each do |certificate_file|
    begin
      certificate = load_certificate certificate_file

      yield certificate, certificate_file
    rescue OpenSSL::X509::CertificateError
      next # HACK warn
    end
  end
end
issuer_of(certificate) click to toggle source

Returns the issuer certificate of the given certificate if it exists in the trust directory.

 
               # File rubygems/security/trust_dir.rb, line 47
def issuer_of certificate
  path = name_path certificate.issuer

  return unless File.exist? path

  load_certificate path
end
load_certificate(certificate_file) click to toggle source

Loads the given certificate_file

 
               # File rubygems/security/trust_dir.rb, line 67
def load_certificate certificate_file
  pem = File.read certificate_file

  OpenSSL::X509::Certificate.new pem
end
name_path(name) click to toggle source

Returns the path to the trusted certificate with the given ASN.1 name

 
               # File rubygems/security/trust_dir.rb, line 58
def name_path name
  digest = @digester.hexdigest name.to_s

  File.join @dir, "cert-#{digest}.pem"
end
trust_cert(certificate) click to toggle source

Add a certificate to trusted certificate list.

 
               # File rubygems/security/trust_dir.rb, line 76
def trust_cert certificate
  verify

  destination = cert_path certificate

  open destination, 'wb', @permissions[:trusted_cert] do |io|
    io.write certificate.to_pem
  end
end
verify() click to toggle source

Make sure the trust directory exists. If it does exist, make sure it’s actually a directory. If not, then create it with the appropriate permissions.

 
               # File rubygems/security/trust_dir.rb, line 91
def verify
  if File.exist? @dir then
    raise Gem::Security::Exception,
      "trust directory #{@dir} is not a directory" unless
        File.directory? @dir

    FileUtils.chmod 0700, @dir
  else
    FileUtils.mkdir_p @dir, :mode => @permissions[:trust_dir]
  end
end

Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.

If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.

If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.

If you want to help improve the Ruby documentation, please see Improve the docs, or visit Documenting-ruby.org.

blog comments powered by Disqus