Module: Ccrypto::Java::PKCS12::ClassMethods

Includes:
DataConversion
Defined in:
lib/ccrypto/java/keybundle_store/pkcs12.rb

Instance Method Summary collapse

Methods included from DataConversion

#from_b64, #from_hex, included, #to_b64, #to_b64_mime, #to_bin, #to_hex, #to_java_bytes, #to_str

Instance Method Details

#from_pkcs12(bin, &block) ⇒ Object

Raises:



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'lib/ccrypto/java/keybundle_store/pkcs12.rb', line 16

def from_pkcs12(bin, &block)

  raise PKCS12StorageException, "block is required" if not block

  storeType = block.call(:store_type)
  storeType = "PKCS12" if is_empty?(storeType)

  prof = block.call(:jce_provider)
  if not_empty?(prof)
    ks = java.security.KeyStore.getInstance(storeType, prof)
  else
    ks = java.security.KeyStore.getInstance(storeType)
  end

  pass = block.call(:p12_pass) || block.call(:jks_pass)
  name = block.call(:p12_name) || block.call(:jks_name)

  #case bin
  #when String
  #  bbin = bin.to_java_bytes
  #when ::Java::byte[]
  #  bbin = bin
  #else
  #  raise KeypairEngineException, "Java byte array is expected. Given #{bin.class}"
  #end

  bbin = to_java_bytes(bin)

  ks.load(java.io.ByteArrayInputStream.new(bbin),pass.to_java.toCharArray)

  name = ks.aliases.to_a.first if is_empty?(name)

  userCert = Ccrypto::X509Cert.new(ks.getCertificate(name))
  chain = ks.get_certificate_chain(name).collect { |c| Ccrypto::X509Cert.new(c) }
  chain = chain.delete_if { |c| c.equal?(userCert) }

  key = ks.getKey(name, pass.to_java.toCharArray)
  case key
  when java.security.interfaces.ECPrivateKey
    [Ccrypto::Java::ECCKeyBundle.new(key), userCert, chain]
  when java.security.interfaces.RSAPrivateKey
    [Ccrypto::Java::RSAKeyBundle.new(key), userCert, chain]
  else
    raise PKCS12StorageException, "Unknown key type #{key}"
  end

end