This gem provides ruby implementations of different key stores. This was primarily created to provide the ability
to use many of the good Java key stores from ruby. This gem adds the key stores to the OpenSSL module structure,
since that is where the OpenSSL::PKCS12 keystore lives.
Add this line to your application's Gemfile:
gem 'keystores'And then execute:
$ bundle
Or install it yourself as:
$ gem install keystores
The API for this gem is modeled after the Java KeyStore class. All of the KeyStore implementations provided by this
gem conform to the Keystores::Keystore interface.
The certificate and key objects that these keystores return and expect are OpenSSL::X509::Certificate and
OpenSSL::PKey objects, respectively.
This gem supports reading trusted certificate entries and private key entries. It can read and decrypt RSA, DSA, and EC keys.
Example usage:
require 'keystores'
keystore = OpenSSL::JKS.new
# Load can take any IO object, or a path to a file
key_store_password = 'keystores'
keystore.load('/tmp/keystore.jks', key_store_password)
certificate = keystore.get_certificate('my_certificate')
key = keystore.get_key('my_key', key_store_password)
certificate.check_private_key(key)
certificate_chain = keystore.get_certificate_chain('my_key')
This gem supports writing trusted certificate entries and private key entries. It currently supports writing DSA, RSA, and EC private key entries.
Example usage:
require 'keystores'
keystore = OpenSSL::JKS.new
key = OpenSSL::PKey::RSA.new(File.read('my_key.pem'))
cert_chain = OpenSSL::X509::Certificate.new(File.read('my_cert.pem'))
private_key_password = 'key_password'
keystore.set_key_entry('my-key', key, cert_chain, private_key_password)
key_store_password = 'keystores'
keystore.store('my_keystore.jks', key_store_password)
Bug reports and pull requests are welcome on GitHub at https://github.com/rylarson/keystores.
The gem is available as open source under the terms of the MIT License.