From 55eeef75bb777a405a06ecd3f7112ea19a248b2b Mon Sep 17 00:00:00 2001
From: Sonu Saha <sonu.saha@progress.com>
Date: Wed, 27 Apr 2022 14:58:56 +0530
Subject: [PATCH] CFINSPEC-84: Add exception handling for
 has_matching_certificate

Signed-off-by: Sonu Saha <sonu.saha@progress.com>
---
 lib/inspec/resources/x509_private_key.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/inspec/resources/x509_private_key.rb b/lib/inspec/resources/x509_private_key.rb
index 6594ea86a..7741c06b2 100644
--- a/lib/inspec/resources/x509_private_key.rb
+++ b/lib/inspec/resources/x509_private_key.rb
@@ -68,11 +68,15 @@ module Inspec::Resources
       cert_hash_cmd = "openssl x509 -noout -modulus -in #{cert_file_or_path} | openssl md5"
       cert_hash = inspec.command(cert_hash_cmd)
 
+      raise Inspec::Exceptions::ResourceFailed, "Executing #{cert_hash_cmd} failed: #{cert_hash.stderr}" if cert_hash.exit_status.to_i != 0
+
       key_hash_cmd = "openssl rsa -noout -modulus -in #{secret_key_path}"
       passphrase ? key_hash_cmd.concat(" -passin pass:#{passphrase} | openssl md5") : key_hash_cmd.concat(" | openssl md5")
       key_hash = inspec.command(key_hash_cmd)
 
-      cert_hash.stdout == key_hash.stdout && cert_hash.exit_status.to_i == 0 && key_hash.exit_status.to_i == 0
+      raise Inspec::Exceptions::ResourceFailed, "Executing #{key_hash_cmd} failed: #{key_hash.stderr}" if key_hash.exit_status.to_i != 0
+
+      cert_hash.stdout == key_hash.stdout
     end
 
     private