Module: Sus::Fixtures::OpenSSL::InvalidCertificateContext

Includes:
ValidCertificateContext
Defined in:
lib/sus/fixtures/openssl/invalid_certificate_context.rb

Instance Method Summary

Methods included from ValidCertificateContext

#certificate_name, #key

Methods included from CertificateAuthorityContext

#certificate_authority_certificate, #certificate_authority_key, #certificate_authority_name, #certificate_store

Instance Method Details

#certificate ⇒ Object

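The certificate used for actual communication. In this context it is deliberately invalid in two independent ways: its validity period lies entirely in the past, and it is signed with #invalid_key rather than with the certificate authority's key.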



# File 'lib/sus/fixtures/openssl/invalid_certificate_context.rb', line 19

# Build (once) and return a leaf certificate that is meant to be rejected.
#
# The certificate names the certificate authority as its issuer, but it is
# invalid for two separate reasons visible below:
#
# 1. Its validity window ended before it was created (expired).
# 2. It is signed with {#invalid_key}, not with the certificate authority's
#    key, so the signature is not expected to verify against the authority.
#
# NOTE(review): because both defects are always present, a test that only
# checks "verification failed" cannot tell which check rejected the
# certificate. Assert on the specific verification error if the test is
# meant to cover expiry handling or signature checking in particular.
#
# @return [OpenSSL::X509::Certificate] the memoized certificate.
def certificate
	return @certificate if @certificate
	
	leaf = ::OpenSSL::X509::Certificate.new
	
	# Identity: our own subject, issued (nominally) by the authority.
	leaf.subject = certificate_name
	leaf.issuer = certificate_authority_certificate.subject
	leaf.public_key = key.public_key
	
	leaf.serial = 2
	# Version field value 2 is what X.509 calls "v3", which extensions require.
	leaf.version = 2
	
	# Defect 1: the whole validity period is already in the past.
	leaf.not_before = Time.now - 3600
	leaf.not_after = Time.now - 10
	
	factory = ::OpenSSL::X509::ExtensionFactory.new
	factory.subject_certificate = leaf
	factory.issuer_certificate = certificate_authority_certificate
	
	[
		["keyUsage", "digitalSignature", true],
		["subjectKeyIdentifier", "hash"],
	].each do |arguments|
		leaf.add_extension(factory.create_extension(*arguments))
	end
	
	# Defect 2: signed with a key other than the issuer's.
	leaf.sign(invalid_key, ::OpenSSL::Digest::SHA256.new)
	
	@certificate = leaf
end

#invalid_key ⇒ Object



# File 'lib/sus/fixtures/openssl/invalid_certificate_context.rb', line 14

# A freshly generated 2048-bit RSA key pair, created on first use and then
# memoized for the lifetime of this object.
#
# Nothing in this method derives the key from any other key or certificate;
# it is generated independently each time a new instance first asks for it.
#
# @return [OpenSSL::PKey::RSA] the memoized key pair.
def invalid_key
	return @invalid_key if @invalid_key
	
	@invalid_key = ::OpenSSL::PKey::RSA.new(2048)
end