Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-10 07:04:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

CFINSPEC-84: Add exception handling for has_matching_certificate

Browse source 
Signed-off-by: Sonu Saha <sonu.saha@progress.com>
This commit is contained in:
Sonu Saha 2022-04-27 14:58:56 +05:30
parent 13f30b2f63
commit 55eeef75bb
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/inspec/resources/x509_private_key.rb
View file

@ -68,11 +68,15 @@ module Inspec::Resources
cert_hash_cmd = "openssl x509 -noout -modulus -in #{cert_file_or_path} | openssl md5"
cert_hash = inspec.command(cert_hash_cmd)
raise Inspec::Exceptions::ResourceFailed, "Executing #{cert_hash_cmd} failed: #{cert_hash.stderr}" if cert_hash.exit_status.to_i != 0
key_hash_cmd = "openssl rsa -noout -modulus -in #{secret_key_path}"
passphrase ? key_hash_cmd.concat(" -passin pass:#{passphrase} | openssl md5") : key_hash_cmd.concat(" | openssl md5")
key_hash = inspec.command(key_hash_cmd)
cert_hash.stdout == key_hash.stdout && cert_hash.exit_status.to_i == 0 && key_hash.exit_status.to_i == 0
raise Inspec::Exceptions::ResourceFailed, "Executing #{key_hash_cmd} failed: #{key_hash.stderr}" if key_hash.exit_status.to_i != 0
cert_hash.stdout == key_hash.stdout
end
private