class Pkernel::Certificate::Owner

Public Class Methods

from_p10(csr)

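Assumption: the CSR passed in is already a PKCS10CertificationRequest object. Its signature is verified before the subject is read; a nil CSR or an invalid signature raises PkernelJce::Error.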

# File lib/pkernel_jce/certificate_owner.rb, line 57
# Builds an Owner from the subject of a certificate signing request.
#
# The request must already be a decoded object: this method reads
# +csr.subject+ and passes +csr+ to PkernelJce::CSRProxy.is_signature_valid?.
# The signature is checked first, so no subject attribute is copied from a
# request whose signature does not verify.
#
# When the subject repeats an attribute, the later value replaces the earlier
# one for name, org, orgUnit and serial; every e-mail value is appended to
# +owner.emails+.
#
# NOTE(review): a PKCS#10 self-signature demonstrates possession of the
# private key only. The subject values are still supplied by the requester,
# so callers should check them against issuance policy before trusting the
# returned Owner.
#
# @param csr the decoded certificate signing request
# @return [Pkernel::Certificate::Owner] owner populated from the CSR subject
# @raise [PkernelJce::Error] if +csr+ is nil or its signature is not valid
def self.from_p10(csr)
  raise PkernelJce::Error, "Cannot load CSR from nil" if csr.nil?

  unless PkernelJce::CSRProxy.is_signature_valid?(csr)
    raise PkernelJce::Error, "Signature of CSR is not valid"
  end

  Pkernel::Certificate::Owner.new.tap do |owner|
    parse_x500_subject(csr.subject) do |field, value|
      case field
      when :cn     then owner.name = value
      when :o      then owner.org = value
      when :ou     then owner.orgUnit = value
      when :serial then owner.serial = value
      when :email  then owner.emails << value
      end
    end
  end
end
parse_x500_subject(subject, &block)
# File lib/pkernel_jce/certificate_owner.rb, line 29
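# Walks every RDN of an X.500 subject and yields the recognised attributes.
#
# For each type-and-value pair the block receives a symbol and the value's
# string: :cn, :o, :ou, :serial (BCStyle::SN) or :email. Any other attribute
# type is not yielded; it is reported through the GConf logger at warn level.
#
# Subject content comes from whoever produced the request or certificate, so
# the unrecognised type/value pair is escaped before it is logged. Control
# characters such as CR/LF are written as visible escapes and cannot start a
# forged log line.
#
# NOTE(review): +tv.value.string+ assumes every recognised attribute value
# responds to +string+; confirm how non-string ASN.1 values should be handled.
#
# @param subject object responding to +getRDNs+ (an X.500 name)
# @yield [key, value] symbol for the attribute and its string value
# @return the result of iterating +subject.getRDNs+
# @raise [PkernelJce::Error] if no block is given
def self.parse_x500_subject(subject, &block)
  raise PkernelJce::Error, "Block required to parse x500 subject" unless block

  style = Java::OrgBouncycastleAsn1X500Style::BCStyle

  subject.getRDNs.each do |rdn|
    rdn.getTypesAndValues.each do |tv|
      case tv.type
      when style::CN
        block.call(:cn, tv.value.string)
      when style::O
        block.call(:o, tv.value.string)
      when style::OU
        block.call(:ou, tv.value.string)
      when style::SN
        block.call(:serial, tv.value.string)
      when style::EmailAddress
        block.call(:email, tv.value.string)
      else
        # String#inspect escapes control characters, quotes and backslashes;
        # its surrounding double quotes are dropped so the line keeps the
        # original '...' framing for ordinary values.
        detail = "#{tv.type}-#{tv.value}".inspect[1...-1]
        PkernelJce::GConf.instance.glog.warn "Uncaught key-value in subject parsing '#{detail}'"
      end
    end
  end
end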

Public Instance Methods

to_x500_subject()
# File lib/pkernel_jce/certificate_owner.rb, line 10
# Renders this owner as an X.500 name via BouncyCastle's X500NameBuilder.
#
# CN is always written from @name. O, OU and SN are written only when the
# matching attribute is neither nil nor empty. Only the first entry of
# @emails is written, as an EmailAddress RDN; any further addresses are not
# part of the returned name.
#
# @return the value returned by the builder's +build+
def to_x500_subject
  PkernelJce::Provider.add_default

  name_builder = Java::OrgBouncycastleAsn1X500::X500NameBuilder.new
  style = Java::OrgBouncycastleAsn1X500Style::BCStyle

  name_builder.addRDN(style::CN, @name)

  # Optional attributes, in the order they appear in the subject.
  [[style::O, @org], [style::OU, @orgUnit], [style::SN, @serial]].each do |oid, text|
    next if text.nil? || text.empty?

    name_builder.addRDN(oid, text)
  end

  # Original author's remark: this should not be here...
  name_builder.addRDN(style::EmailAddress, @emails[0]) unless @emails.length.zero?

  name_builder.build
end