Class: Samlr::Tools::CertificateBuilder
- Defined in:
- lib/samlr/tools/certificate_builder.rb
Overview
Container for generating/referencing X509 and keys
Instance Attribute Summary
-
#key_size ⇒ Object
readonly
Returns the value of attribute key_size.
Class Method Summary
Instance Method Summary
-
#initialize(options = {}) ⇒ CertificateBuilder
constructor
A new instance of CertificateBuilder.
- #key_pair ⇒ Object
- #sign(string) ⇒ Object
- #to_certificate ⇒ Object
- #verify(signature, string) ⇒ Object
- #x509 ⇒ Object
- #x509_as_pem ⇒ Object
Constructor Details
#initialize(options = {}) ⇒ CertificateBuilder
Returns a new instance of CertificateBuilder.
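# File 'lib/samlr/tools/certificate_builder.rb', line 8
# Builds a new CertificateBuilder.
#
# The listing had lost the parameter name (`( = {})`, `.fetch`, `[:x509]`);
# it is restored here as `options`, matching the documented signature.
#
# @param options [Hash] optional settings
# @option options [Integer] :key_size (4096) RSA size in bits, used only when
#   #key_pair has to generate a key
# @option options [Object] :x509 an existing certificate to reference
# @option options [Object] :key_pair an existing key pair to reference
#
# NOTE(review): a supplied :x509 and :key_pair are stored as given; nothing
# here checks that the certificate's public key belongs to the key pair.
def initialize(options = {})
  @key_size = options.fetch(:key_size, 4096)
  # Left nil when absent so #x509 and #key_pair can build them on first use.
  @x509     = options[:x509]
  @key_pair = options[:key_pair]
end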
Instance Attribute Details
#key_size ⇒ Object (readonly)
Returns the value of attribute key_size.
# File 'lib/samlr/tools/certificate_builder.rb', line 6
# Read-only accessor for the key size stored in @key_size.
#
# @return [Object] whatever was stored in @key_size
def key_size
  @key_size
end
Class Method Details
.dump(path, certificate, id = "samlr") ⇒ Object
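# File 'lib/samlr/tools/certificate_builder.rb', line 61
# Writes a builder's private key and certificate as PEM files under +path+,
# named "<id>_private_key.pem" and "<id>_certificate.pem".
#
# The private key file is created with mode 0600. Previously it was opened
# with the default mode, so the umask alone decided whether other local users
# could read the key.
#
# @param path [String] directory to write into (must already exist)
# @param certificate [#key_pair, #x509] object whose key pair and certificate
#   both respond to #to_pem
# @param id [String] file name prefix
# @return [Integer] bytes written to the certificate file
#
# NOTE(review): the key is written unencrypted, and +id+ is interpolated into
# the file name as-is, so callers should pass only trusted values for it.
def self.dump(path, certificate, id = "samlr")
  key_file  = File.join(path, "#{id}_private_key.pem")
  cert_file = File.join(path, "#{id}_certificate.pem")

  File.open(key_file, "w", 0o600) do |f|
    # The perm argument only applies when the file is created; chmod also
    # tightens a file that already existed with a wider mode.
    f.chmod(0o600)
    f.write(certificate.key_pair.to_pem)
  end

  File.open(cert_file, "w") { |f| f.write(certificate.x509.to_pem) }
end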
.load(path, id = "samlr") ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 66
# Rebuilds a CertificateBuilder from the two PEM files under +path+:
# "<id>_private_key.pem" and "<id>_certificate.pem".
#
# @param path [String] directory holding the PEM files
# @param id [String] file name prefix
# @return [CertificateBuilder] builder referencing the loaded key and certificate
#
# NOTE(review): the key and certificate are parsed independently; nothing here
# confirms that the certificate's public key matches the private key, so a
# mismatched pair would presumably surface only when verification fails later.
def self.load(path, id = "samlr")
  key_file  = File.join(path, "#{id}_private_key.pem")
  cert_file = File.join(path, "#{id}_certificate.pem")

  # Read and parse the key before touching the certificate file.
  rsa_key     = OpenSSL::PKey::RSA.new(File.read(key_file))
  certificate = OpenSSL::X509::Certificate.new(File.read(cert_file))

  new(key_pair: rsa_key, x509: certificate)
end
Instance Method Details
#key_pair ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 45
# Returns the RSA key pair, generating one of key_size bits on first use and
# memoizing it in @key_pair.
#
# @return [OpenSSL::PKey::RSA] the supplied or freshly generated key pair
def key_pair
  return @key_pair if @key_pair

  # The generated key lives only in memory unless it is explicitly dumped.
  @key_pair = OpenSSL::PKey::RSA.new(key_size)
end
#sign(string) ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 49
# Signs +string+ with the private key and returns the signature as single-line
# Base64.
#
# @param string [String] data to sign
# @return [String] Base64 signature without line breaks
#
# NOTE(review): the digest is SHA-1, which is deprecated for signatures.
# Changing it would also change what verifiers of these signatures must
# expect, so it is kept here; confirm before using this outside test fixtures.
def sign(string)
  raw_signature = key_pair.sign(OpenSSL::Digest::SHA1.new, string)
  # strict_encode64 emits no newlines, matching encode64 with "\n" removed.
  Base64.strict_encode64(raw_signature)
end
#to_certificate ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 57
# Wraps the builder's X509 certificate in a Samlr::Certificate.
#
# @return [Samlr::Certificate] wrapper constructed from #x509
def to_certificate
  certificate = x509
  Samlr::Certificate.new(certificate)
end
#verify(signature, string) ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 53
# Checks a Base64 signature over +string+ against the builder's public key.
#
# @param signature [String] Base64-encoded signature
# @param string [String] data the signature is claimed to cover
# @return [Boolean] result of the public key's verification
#
# NOTE(review): the digest is SHA-1, mirroring #sign. Base64.decode64 is
# lenient and skips characters outside the alphabet rather than rejecting them.
def verify(signature, string)
  raw_signature = Base64.decode64(signature)
  public_key    = key_pair.public_key
  public_key.verify(OpenSSL::Digest::SHA1.new, raw_signature, string)
end
#x509 ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 14
# Returns the X509 certificate, building and memoizing a self-signed one on
# first use when none was supplied.
#
# The generated certificate has identical subject and issuer, a fixed serial
# of 1, no extensions, a validity of about twenty years and a SHA-1 signature.
#
# @return [OpenSSL::X509::Certificate] the supplied or generated certificate
#
# NOTE(review): these properties suit a test fixture, not a certificate meant
# to be trusted; verifiers that reject SHA-1-signed certificates may refuse it.
def x509
  return @x509 if @x509

  organization = "example.org"
  distinguished_name = OpenSSL::X509::Name.new([
    ['C',  'US',                    OpenSSL::ASN1::PRINTABLESTRING],
    ['O',  organization,            OpenSSL::ASN1::UTF8STRING],
    ['OU', 'Samlr ResponseBuilder', OpenSSL::ASN1::UTF8STRING],
    ['CN', 'CA']
  ])

  cert = OpenSSL::X509::Certificate.new
  # Self-signed: the same name is used as subject and issuer.
  cert.subject    = distinguished_name
  cert.issuer     = distinguished_name
  # Backdated by five seconds.
  cert.not_before = (Time.now - 5)
  cert.not_after  = (Time.now + 60 * 60 * 24 * 365 * 20)
  cert.public_key = key_pair.public_key
  cert.serial     = 1
  # The version field is zero-based, so 2 denotes X.509 v3.
  cert.version    = 2
  cert.sign(key_pair, OpenSSL::Digest::SHA1.new)

  @x509 = cert
end
#x509_as_pem ⇒ Object
# File 'lib/samlr/tools/certificate_builder.rb', line 38
# Returns the certificate's PEM text with its first and last lines dropped and
# the remaining lines joined into one string.
#
# @return [String] the PEM lines between the first and last, concatenated
def x509_as_pem
  lines = x509.to_pem.split("\n")
  # Drop the first and last line (the PEM BEGIN/END markers).
  inner = lines[1...-1] || []
  inner.join
end