From 9b912d028fe1a2622ec61a56b1f0774ef3c9f43b Mon Sep 17 00:00:00 2001
From: Ken Barber <ken@bob.sh>
Date: Sun, 14 Aug 2011 03:47:32 +0200
Subject: (#8925) Added new function called 'get_certificate' for retrieving
 certificates from a CA (or locally).

This function works by either obtaining the file locally
or remotely based on Puppets configuration.

Also added get_pubkey which wraps get_certificate and extracts the
public key.
---
 lib/puppet/parser/functions/get_pubkey.rb | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 lib/puppet/parser/functions/get_pubkey.rb

(limited to 'lib/puppet/parser/functions/get_pubkey.rb')

diff --git a/lib/puppet/parser/functions/get_pubkey.rb b/lib/puppet/parser/functions/get_pubkey.rb
new file mode 100644
index 0000000..744b9df
--- /dev/null
+++ b/lib/puppet/parser/functions/get_pubkey.rb
@@ -0,0 +1,25 @@
+module Puppet::Parser::Functions
+  newfunction(:get_pubkey, :type => :rvalue, :doc => <<-EOS
+Gets a public key given a CN. This function accepts all the same
+parameters as get_certificate(), but instead returns the public
+key portion of the certificate.
+
+See get_certificate() for a more complete list of options available.
+EOS
+  ) do |arguments|
+
+    # Wrap the get_certificate method
+    method = Puppet::Parser::Functions.function(:get_certificate)
+    cert_text = send(method, arguments)
+
+    require 'openssl'
+    
+    if cert_text == :undef then
+      return :undef
+    else
+      cert = OpenSSL::X509::Certificate.new(cert_text)
+      pubkey = cert.public_key
+      return pubkey.to_s
+    end
+  end
+end
-- 
cgit v1.2.3