summaryrefslogtreecommitdiff
path: root/app/validators
diff options
context:
space:
mode:
Diffstat (limited to 'app/validators')
-rw-r--r--app/validators/certificate_key_validator.rb24
-rw-r--r--app/validators/certificate_validator.rb30
2 files changed, 54 insertions, 0 deletions
diff --git a/app/validators/certificate_key_validator.rb b/app/validators/certificate_key_validator.rb
new file mode 100644
index 00000000000..3b5bd30db1a
--- /dev/null
+++ b/app/validators/certificate_key_validator.rb
@@ -0,0 +1,24 @@
+# UrlValidator
+#
+# Custom validator for private keys.
+#
+# class Project < ActiveRecord::Base
+# validates :certificate_key, certificate_key: true
+# end
+#
+class CertificateKeyValidator < ActiveModel::EachValidator
+ def validate_each(record, attribute, value)
+ unless valid_private_key_pem?(value)
+ record.errors.add(attribute, "must be a valid PEM private key")
+ end
+ end
+
+ private
+
+ def valid_private_key_pem?(value)
+ pkey = OpenSSL::PKey::RSA.new(value)
+ pkey.private?
+ rescue OpenSSL::PKey::PKeyError
+ false
+ end
+end
diff --git a/app/validators/certificate_validator.rb b/app/validators/certificate_validator.rb
new file mode 100644
index 00000000000..2cba5a435b7
--- /dev/null
+++ b/app/validators/certificate_validator.rb
@@ -0,0 +1,30 @@
+# UrlValidator
+#
+# Custom validator for private keys.
+#
+# class Project < ActiveRecord::Base
+# validates :certificate_key, certificate_key: true
+# end
+#
+class CertificateValidator < ActiveModel::EachValidator
+ def validate_each(record, attribute, value)
+ certificate = parse_certificate(value)
+ unless certificate
+ record.errors.add(attribute, "must be a valid PEM certificate")
+ end
+
+ if options[:intermediates]
+ unless certificate
+ record.errors.add(attribute, "certificate verification failed: missing intermediate certificates")
+ end
+ end
+ end
+
+ private
+
+ def parse_certificate(value)
+ OpenSSL::X509::Certificate.new(value)
+ rescue OpenSSL::X509::CertificateError
+ nil
+ end
+end