Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
MSYS-547 Added feature to verify certificate from certificate store
Browse files Browse the repository at this point in the history
Signed-off-by: piyushawasthi <piyush.awasthi@msystechnologies.com>
piyushawasthi committed Apr 9, 2018

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent db05867 commit 4cde6a9
Showing 3 changed files with 13 additions and 11 deletions.
4 changes: 2 additions & 2 deletions lib/win32/certstore.rb
Original file line number Diff line number Diff line change
@@ -71,8 +71,8 @@ def search(certificate_name)
end

# Validate certificate from open certificate store and return boolean
def verify(certificate_name)
cert_verify(certstore_handler, certificate_name)
def valid?(certificate_thumbprint)
cert_validate(certificate_thumbprint)
end

# To close and destroy pointer of open certificate store handler
6 changes: 4 additions & 2 deletions lib/win32/certstore/mixin/helper.rb
Original file line number Diff line number Diff line change
@@ -15,6 +15,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

require 'date'

module Win32
class Certstore
module Mixin
@@ -38,11 +40,11 @@ def cert_ps_cmd(thumbprint)
end

# validate certificate not_before and not_after date in UTC
def valid_duration(cert_obj)
def valid_duration?(cert_obj)
cert_obj.not_before < Time.now.utc && cert_obj.not_after > Time.now.utc
end

end
end
end
end

14 changes: 7 additions & 7 deletions lib/win32/certstore/store_base.rb
Original file line number Diff line number Diff line change
@@ -105,7 +105,7 @@ def cert_delete(store_handler, certificate_thumbprint)
# Verify certificate from open certificate store and return boolean or exceptions
# store_handler => Open certificate store handler
# certificate_thumbprint => thumbprint is a hash. which could be sha1 or md5.
def cert_verify(store_handler, certificate_thumbprint)
def cert_validate(certificate_thumbprint)
validate_thumbprint(certificate_thumbprint)
thumbprint = update_thumbprint(certificate_thumbprint)
cert_pem = get_cert_pem(thumbprint)
@@ -135,6 +135,12 @@ def update_thumbprint(certificate_thumbprint)
certificate_thumbprint.gsub(/[^A-Za-z0-9]/, '')
end

# Verify OpenSSL::X509::Certificate object
def verify_certificate(cert_pem)
return "Certificate not found" if cert_pem.empty?
valid_duration?(build_openssl_obj(cert_pem))
end

# Convert OpenSSL::X509::Certificate object in .der formate
def der_cert(cert_obj)
FFI::MemoryPointer.from_string(cert_obj.to_der)
@@ -151,12 +157,6 @@ def get_rdn(cert_obj)
cert_obj.issuer.to_s.concat("/").scan(/=(.*?)\//).join(", ")
end

# Verify OpenSSL::X509::Certificate object
def verify_certificate(cert_pem)
return "Certificate not found" if cert_pem.empty?
valid_duration(build_openssl_obj(cert_pem))
end

# Format pem
def format_pem(cert_pem)
cert_pem.delete("\r")

0 comments on commit 4cde6a9

Please sign in to comment.