diff options
Diffstat (limited to 'lib/rubygems/security/signer.rb')
-rw-r--r-- | lib/rubygems/security/signer.rb | 24 |
1 files changed, 3 insertions, 21 deletions
diff --git a/lib/rubygems/security/signer.rb b/lib/rubygems/security/signer.rb index bb1eae7cf2..78455c0732 100644 --- a/lib/rubygems/security/signer.rb +++ b/lib/rubygems/security/signer.rb @@ -29,7 +29,7 @@ class Gem::Security::Signer # +chain+ containing X509 certificates, encoding certificates or paths to # certificates. - def initialize key, cert_chain, passphrase = nil + def initialize key, cert_chain @cert_chain = cert_chain @key = key @@ -46,7 +46,7 @@ class Gem::Security::Signer @digest_algorithm = Gem::Security::DIGEST_ALGORITHM @digest_name = Gem::Security::DIGEST_NAME - @key = OpenSSL::PKey::RSA.new File.read(@key), passphrase if + @key = OpenSSL::PKey::RSA.new File.read @key if @key and not OpenSSL::PKey::RSA === @key if @cert_chain then @@ -63,22 +63,6 @@ class Gem::Security::Signer end ## - # Extracts the full name of +cert+. If the certificate has a subjectAltName - # this value is preferred, otherwise the subject is used. - - def extract_name cert # :nodoc: - subject_alt_name = cert.extensions.find { |e| 'subjectAltName' == e.oid } - - if subject_alt_name then - /\Aemail:/ =~ subject_alt_name.value - - $' || subject_alt_name.value - else - cert.subject - end - end - - ## # Loads any missing issuers in the cert chain from the trusted certificates. # # If the issuer does not exist it is ignored as it will be checked later. @@ -105,9 +89,7 @@ class Gem::Security::Signer re_sign_key end - full_name = extract_name @cert_chain.last - - Gem::Security::SigningPolicy.verify @cert_chain, @key, {}, {}, full_name + Gem::Security::SigningPolicy.verify @cert_chain, @key @key.sign @digest_algorithm.new, data end |