Daniel Danopia wrote:
>> it wants a Base64 encoding (I got that
> part) of a PkiPath of a DER-encoded cert chain. I can't figure out how
> to generate the last two in Ruby.

Do you have a test case you can share - i.e. an actual certificate in 
PEM format, together with the corresponding hash?

Ruby provides a very thin layer on top of OpenSSL's API, so if you can 
answer the question for openssl you can probably do it in Ruby.

Googling for "openssl pkipath" I found this, which at least defines the 
pkipath:
http://marc.info/?l=openssl-users&m=109655589300276&w=2

Encoding an ASN1 'Sequence' is fairly straightforward, and so is 
converting it to DER.

>> OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::IA5String.new("hello"), OpenSSL::ASN1::IA5String.new("world")]).to_der
=> "0\016\026\005hello\026\005world"

So my first attempt would be something along the lines of:

>> c1 = OpenSSL::X509::Certificate.new(File.read("/etc/ssl/certs/Verisign_Class_1_Public_Primary_Certification_Authority.pem"))
>> c2 = OpenSSL::X509::Certificate.new(File.read("/etc/ssl/certs/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem"))
>> OpenSSL::ASN1::Sequence.new([c1,c2])

If you have the source code to the Java libraries referred to in the 
example code, that may help too.
-- 
Posted via http://www.ruby-forum.com/.