Class: EaSSL::Certificate

Inherits:
Object
  • Object
show all
Defined in:
lib/eassl/certificate.rb

Overview

Author

Paul Nicholson ([email protected])

Co-Author

Adam Williams ([email protected])

Copyright

Copyright © 2006 WebPower Design

License

Distributes under the same terms as Ruby

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(options) ⇒ Certificate

Returns a new instance of Certificate.



9
10
11
12
13
14
15
16
 
# File 'lib/eassl/certificate.rb', line 9

def initialize(options)
  @options = {
    :days_valid       => (365 * 5),
    :signing_request  => nil,               #required
    :ca_certificate   => nil,               #required
    :comment          => "Ruby/OpenSSL/EaSSL Generated Certificate",
  }.update(options)
end

Class Method Details

.load(pem_file_path) ⇒ Object 



52
53
54
 
# File 'lib/eassl/certificate.rb', line 52

def self.load(pem_file_path)
  new({}).load(File.read(pem_file_path))
end

Instance Method Details

#load(pem_string) ⇒ Object 



56
57
58
59
60
61
62
63
 
# File 'lib/eassl/certificate.rb', line 56

def load(pem_string)
  begin
    @ssl = OpenSSL::X509::Certificate.new(pem_string)
  rescue
    raise "CertificateLoader: Error loading certificate"
  end
  self
end

#sign(ca_key) ⇒ Object 



44
45
46
 
# File 'lib/eassl/certificate.rb', line 44

def sign(ca_key)
  ssl.sign(ca_key.ssl, OpenSSL::Digest::SHA1.new)
end

#sslObject 



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'lib/eassl/certificate.rb', line 18

def ssl
  unless @ssl
    @ssl = OpenSSL::X509::Certificate.new
    @ssl.not_before = Time.now
    @ssl.subject = @options[:signing_request].subject
    @ssl.issuer = @options[:ca_certificate]? @options[:ca_certificate].subject :  @ssl.subject
    @ssl.not_after = @ssl.not_before + @options[:days_valid] * 24 * 60 * 60
    @ssl.public_key = @options[:signing_request].public_key
    @ssl.serial = @options[:serial] || 2
    @ssl.version = 2 # X509v3
  
    ef = OpenSSL::X509::ExtensionFactory.new
    ef.subject_certificate = @ssl
    ef.issuer_certificate = @options[:ca_certificate]? @options[:ca_certificate].ssl : @ssl
    @ssl.extensions = [
      ef.create_extension("basicConstraints","CA:FALSE"),
      ef.create_extension("keyUsage", "digitalSignature, keyEncipherment"),
      ef.create_extension("subjectKeyIdentifier", "hash"),
      ef.create_extension("extendedKeyUsage", "serverAuth"),
      ef.create_extension("nsComment", @options[:comment]),
    ]
    @ssl.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always"))
  end
  @ssl
end

#to_pemObject 



48
49
50
 
# File 'lib/eassl/certificate.rb', line 48

def to_pem
  ssl.to_pem
end