Some private keys require a password to 'unlock' them. It's useful to be able to specify this programmatically in order to avoid being prompted.

2023-03-27 23:23:07 -04:00 · 2010-11-24 17:27:45 +00:00 · 2010-11-24 17:27:45 +00:00 · 59286c940e
commit 59286c940e
parent ec3ff0d77e
4 changed files with 25 additions and 4 deletions
--- a/lib/httparty.rb
+++ b/lib/httparty.rb
@ -218,10 +218,11 @@ module HTTParty
    #
    #   class Foo
    #     include HTTParty
-    #     pem File.read('/home/user/my.pem')
+    #     pem File.read('/home/user/my.pem'), "optional password"
    #   end
-    def pem(pem_contents)
+    def pem(pem_contents, password=nil)
      default_options[:pem] = pem_contents
+      default_options[:pem_password] = password
    end

    # Override the way query strings are normalized.
--- a/lib/httparty/request.rb
+++ b/lib/httparty/request.rb
@ -76,7 +76,7 @@ module HTTParty
        # Client certificate authentication
        if options[:pem]
          http.cert = OpenSSL::X509::Certificate.new(options[:pem])
-          http.key = OpenSSL::PKey::RSA.new(options[:pem])
+          http.key = OpenSSL::PKey::RSA.new(options[:pem], options[:pem_password])
          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
        end

--- a/spec/httparty/request_spec.rb
+++ b/spec/httparty/request_spec.rb
@ -160,9 +160,10 @@ describe HTTParty::Request do
          @cert = mock("OpenSSL::X509::Certificate")
          @key =  mock("OpenSSL::PKey::RSA")
          OpenSSL::X509::Certificate.should_receive(:new).with(pem).and_return(@cert)
-          OpenSSL::PKey::RSA.should_receive(:new).with(pem).and_return(@key)
+          OpenSSL::PKey::RSA.should_receive(:new).with(pem, "password").and_return(@key)

          @request.options[:pem] = pem
+          @request.options[:pem_password] = "password"
          @pem_http = @request.send(:http)
        end

--- a/spec/httparty_spec.rb
+++ b/spec/httparty_spec.rb
@ -19,6 +19,25 @@ describe HTTParty do
      HTTParty::AllowedFormats.should == HTTParty::Parser::SupportedFormats
    end
  end
+  
+  describe "pem" do
+
+    it 'should set the pem content' do
+      @klass.pem 'PEM-CONTENT'
+      @klass.default_options[:pem].should == 'PEM-CONTENT'
+    end
+
+    it "should set the password to nil if it's not provided" do
+      @klass.pem 'PEM-CONTENT'
+      @klass.default_options[:pem_password].should be_nil
+    end
+
+    it 'should set the password' do
+      @klass.pem 'PEM-CONTENT', 'PASSWORD'
+      @klass.default_options[:pem_password].should == 'PASSWORD'
+    end
+
+  end

  describe "base uri" do
    before(:each) do