Module: Fauthentic

Defined in:
lib/fauthentic.rb,
lib/fauthentic/version.rb

Defined Under Namespace

Classes: SslData

Constant Summary collapse

DEFAULT_OPTIONS =
{
  country: "US",
  state: nil,
  org: "Fauthentic",
  org_unit: "Test",
  common_name: "test.example.com",
  email: nil,
  expire_in_days: 30
}
VERSION =
"0.2.0"

Class Method Summary collapse

Class Method Details

.extract_subject(cert) ⇒ Object



62
63
64
# File 'lib/fauthentic.rb', line 62

def self.extract_subject(cert)
  Hash[cert.subject.to_a.map{|i| [i[0].to_sym, i[1]]}]
end

.generate(opts = {}) ⇒ Object



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'lib/fauthentic.rb', line 17

def self.generate(opts = {})
  options = DEFAULT_OPTIONS.merge(opts)

  key = OpenSSL::PKey::RSA.new(2048)

  subject = ""
  subject << "/C=#{options[:country]}" if options[:country]
  subject << "/ST=#{options[:state]}" if options[:state]
  subject << "/O=#{options[:org]}" if options[:org]
  subject << "/OU=#{options[:org_unit]}" if options[:org_unit]
  subject << "/CN=#{options[:common_name]}" if options[:common_name]
  subject << "/emailAddress=#{options[:email]}" if options[:email]

  cert = OpenSSL::X509::Certificate.new
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
  cert.not_before = Time.now
  cert.not_after = Time.now + options[:expire_in_days] * 24 * 60 * 60
  cert.public_key = key.public_key
  cert.serial = options[:serial] || self.generate_serial
  cert.version = 2

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = cert
  cert.add_extension ef.create_extension("basicConstraints","CA:TRUE", true)
  cert.add_extension ef.create_extension("subjectKeyIdentifier", "hash")
  cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")

  cert.sign key, OpenSSL::Digest::SHA256.new

  return SslData.new(cert, key)
end

.generate_serialObject



50
51
52
# File 'lib/fauthentic.rb', line 50

def self.generate_serial
  (Time.now.to_f * 10**12).to_i + Random.rand(10000)
end

.parse_cert(string) ⇒ Object



54
55
56
# File 'lib/fauthentic.rb', line 54

def self.parse_cert(string)
  OpenSSL::X509::Certificate.new(string)
end

.parse_key(string, pass = nil) ⇒ Object



58
59
60
# File 'lib/fauthentic.rb', line 58

def self.parse_key(string, pass=nil)
  OpenSSL::PKey.read(string, pass)
end