Module: Ccrypto::Java::PKCS12

Includes:
DataConversion, TR::CondUtils
Included in:
ECCKeyBundle, RSAKeyBundle
Defined in:
lib/ccrypto/java/keybundle_store/pkcs12.rb

Defined Under Namespace

Modules: ClassMethods Classes: PKCS12StorageException

Class Method Summary collapse

Instance Method Summary collapse

Methods included from DataConversion

#from_b64, #from_hex, #to_b64, #to_b64_mime, #to_bin, #to_hex, #to_java_bytes, #to_str

Class Method Details

.included(klass) ⇒ Object



# File 'lib/ccrypto/java/keybundle_store/pkcs12.rb', line 65

# Mixin hook: Ruby invokes this when the module is included into +klass+.
# The including class is additionally extended with ClassMethods, so the
# methods declared there become class-level methods of +klass+.
#
# @param klass [Class, Module] the class or module performing the include
# @return [Object] whatever +klass.extend+ returns
def self.included(klass)
  klass.extend ClassMethods
end

Instance Method Details

#to_pkcs12(&block) ⇒ Object

Raises:

  • (KeypairEngineException)


# File 'lib/ccrypto/java/keybundle_store/pkcs12.rb', line 69

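# Packs a private key and its certificate chain into a password-protected
# Java KeyStore (type "PKCS12" unless the caller says otherwise) and returns
# the serialised store.
#
# All inputs are pulled from the caller's block, which is invoked once per
# symbol, in this order:
#   :store_type            keystore type; "PKCS12" is used when empty
#   :jce_provider          optional JCE provider handed to KeyStore.getInstance
#   :cert                  certificate of the key owner (required)
#   :certchain             optional chain; the owner certificate is put first
#   :p12_pass / :jks_pass  password (required)
#   :p12_name / :jks_name  entry alias; "Ccrypto P12" is used when empty
#   :keypair               object responding to #private (required)
#   :out_format            :b64 or :hex; anything else yields the raw bytes
#
# Security notes for callers:
# * The one password protects both the private-key entry and the keystore
#   itself; there is no separate key password.
# * The password is copied into a Java char[] that is not cleared here, and
#   the Ruby String supplied by the block stays alive as well.
# * NOTE(review): the encryption and MAC algorithms applied to the store are
#   whatever the selected provider/JVM defaults to; nothing here pins them.
#
# @yieldparam key [Symbol] name of the value being requested
# @return [Object] Java byte[] by default, or the result of to_b64 / to_hex
# @raise [KeypairEngineException] when the block, certificate, password or
#   keypair is missing
def to_pkcs12(&block)
  raise KeypairEngineException, "block is required" unless block

  store_type = block.call(:store_type)
  store_type = "PKCS12" if is_empty?(store_type)

  provider = block.call(:jce_provider)
  ks = if not_empty?(provider)
         java.security.KeyStore.getInstance(store_type, provider)
       else
         java.security.KeyStore.getInstance(store_type)
       end

  # Loading from a nil stream initialises an empty keystore.
  ks.load(nil, nil)

  gcert = block.call(:cert)
  raise KeypairEngineException, "PKCS12 requires the X.509 certificate" if is_empty?(gcert)

  # Fall back to a chain holding only the owner certificate. This used to
  # reference `cert`, a name never assigned in this method (the fetched
  # certificate is `gcert`), so the fallback could not yield the intended
  # single-element chain.
  chain = block.call(:certchain) || [gcert]
  chain = [gcert] if is_empty?(chain)

  # The owner certificate must lead the chain. A new array is built so the
  # array returned by the caller's block is not modified in place.
  # NOTE(review): equal? is an identity check; an equivalent certificate held
  # in a different object will be prepended again - confirm this is intended.
  chain = [gcert, *chain] unless chain.first.equal?(gcert)
  java_chain = chain.map { |c| Ccrypto::X509Cert.to_java_cert(c) }

  pass = block.call(:p12_pass) || block.call(:jks_pass)
  raise KeypairEngineException, "Password is required" if is_empty?(pass)

  name = block.call(:p12_name) || block.call(:jks_name)
  name = "Ccrypto P12" if is_empty?(name)

  keypair = block.call(:keypair)
  raise KeypairEngineException, "Keypair is required" if is_empty?(keypair)

  # Convert the password once and reuse the array, rather than creating a
  # second char[] copy of the secret for the store call.
  pass_chars = pass.to_java.toCharArray

  ks.setKeyEntry(name, keypair.private, pass_chars, java_chain.to_java(java.security.cert.Certificate))

  baos = java.io.ByteArrayOutputStream.new
  ks.store(baos, pass_chars)
  res = baos.toByteArray

  case block.call(:out_format)
  when :b64
    to_b64(res)
  when :hex
    to_hex(res)
  else
    res
  end
end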