diff options
Diffstat (limited to 'lib/rubygems/security/signer.rb')
| -rw-r--r-- | lib/rubygems/security/signer.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/rubygems/security/signer.rb b/lib/rubygems/security/signer.rb index 1ee9c31be6..fc98f951bc 100644 --- a/lib/rubygems/security/signer.rb +++ b/lib/rubygems/security/signer.rb @@ -30,6 +30,24 @@ class Gem::Security::Signer attr_reader :digest_name # :nodoc: ## + # Attemps to re-sign an expired cert with a given private key + def self.re_sign_cert(expired_cert, expired_cert_path, private_key) + return unless expired_cert.not_after < Time.now + + expiry = expired_cert.not_after.strftime('%Y%m%d%H%M%S') + expired_cert_file = "#{File.basename(expired_cert_path)}.expired.#{expiry}" + new_expired_cert_path = File.join(Gem.user_home, ".gem", expired_cert_file) + + Gem::Security.write(expired_cert, new_expired_cert_path) + + re_signed_cert = Gem::Security.re_sign(expired_cert, private_key) + + Gem::Security.write(re_signed_cert, expired_cert_path) + + yield(expired_cert_path, new_expired_cert_path) if block_given? + end + + ## # Creates a new signer with an RSA +key+ or path to a key, and a certificate # +chain+ containing X509 certificates, encoding certificates or paths to # certificates. |