class Gem::Security::TrustDir
def cert_path(certificate)
# Returns the path at which +certificate+ is (or would be) stored.
#
# The location is derived from the certificate's subject name only, via
# name_path, and not from the certificate's contents. Two certificates that
# share a subject therefore map to the same file.
def cert_path(certificate)
  subject = certificate.subject
  name_path(subject)
end
def each_certificate
# Yields each certificate found in the trust directory together with the
# path of the file it was loaded from. Without a block, an Enumerator over
# the same pairs is returned.
#
# Only files matching <tt>*.pem</tt> directly inside @dir are considered.
def each_certificate
  return to_enum(__method__) unless block_given?

  pattern = File.join(@dir, '*.pem')

  Dir.glob(pattern).each do |pem_file|
    begin
      # The yield sits inside the rescue scope, so a CertificateError raised
      # by the caller's block is swallowed as well.
      yield load_certificate(pem_file), pem_file
    rescue OpenSSL::X509::CertificateError
      # HACK: should warn. Files that do not parse as X.509 certificates are
      # skipped silently, so a corrupted or tampered entry in the trust
      # directory is not reported to the caller.
      next
    end
  end
end
def initialize(dir, permissions = DEFAULT_PERMISSIONS)
# Creates a trust directory object rooted at +dir+.
#
# +permissions+ is a Hash of file modes; this class reads its
# <tt>:trust_dir</tt> and <tt>:trusted_cert</tt> entries when creating the
# directory and when writing certificates. Nothing is created on disk here.
def initialize(dir, permissions = DEFAULT_PERMISSIONS)
  @dir, @permissions = dir, permissions

  # Digest used by name_path to turn a certificate name into a file name.
  @digester = Gem::Security.create_digest
end
def issuer_of(certificate)
# Returns the stored certificate whose file name matches the issuer of
# +certificate+, or nil when no such file exists in the trust directory.
#
# This is a lookup by issuer name only: nothing here checks that the
# returned certificate actually signed +certificate+, so signature
# verification remains the caller's responsibility.
def issuer_of(certificate)
  issuer_path = name_path(certificate.issuer)

  load_certificate(issuer_path) if File.exist?(issuer_path)
end
def load_certificate(certificate_file)
# Reads +certificate_file+ and parses its contents as an X.509 certificate.
#
# Parsing is all that happens here; no trust or validity decision is made
# about the returned certificate. Errors from File.read and from
# OpenSSL::X509::Certificate.new propagate to the caller.
def load_certificate(certificate_file)
  OpenSSL::X509::Certificate.new(File.read(certificate_file))
end
def name_path(name)
# Returns the path inside the trust directory used for the certificate
# named +name+.
#
# The file name is the hex digest of <tt>name.to_s</tt> wrapped as
# <tt>cert-DIGEST.pem</tt>. Because only the name is hashed, the path
# identifies a name and not a particular certificate.
def name_path(name)
  digest = @digester.hexdigest(name.to_s)
  file_name = "cert-#{digest}.pem"

  File.join(@dir, file_name)
end
def trust_cert(certificate)
# Stores +certificate+ in the trust directory as PEM.
#
# The directory is checked (and created if needed) by verify first. The
# file is opened with mode 0600, which only applies when the file is newly
# created, and is set to the configured <tt>:trusted_cert</tt> mode after
# the PEM data has been written. An existing file at the same path, i.e. a
# certificate with the same subject, is overwritten.
def trust_cert(certificate)
  verify

  target = cert_path(certificate)

  File.open(target, 'wb', 0600) do |pem_io|
    pem_io.write(certificate.to_pem)
    pem_io.chmod @permissions[:trusted_cert]
  end
end
def verify
# Makes sure the trust directory exists and is a directory.
#
# A missing directory is created with the configured <tt>:trust_dir</tt>
# mode. An existing directory has its mode reset to 0700. Raises
# Gem::Security::Exception when @dir exists but is not a directory.
#
# NOTE(review): the existing-directory branch uses a literal 0700 and not
# <tt>@permissions[:trust_dir]</tt>, so a custom :trust_dir mode only takes
# effect when the directory is first created. Nothing here checks who owns
# @dir, and the existence test and the chmod are separate filesystem calls.
def verify
  return FileUtils.mkdir_p(@dir, mode: @permissions[:trust_dir]) unless File.exist?(@dir)

  unless File.directory?(@dir)
    raise Gem::Security::Exception,
          "trust directory #{@dir} is not a directory"
  end

  FileUtils.chmod(0700, @dir)
end